
2565 matches found

Cvelist
added 2022/08/23 5:5 a.m., 18 views

CVE-2022-25304 Denial of Service (DoS)

All versions of package opcua and all versions of package asyncua are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks, per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited numb...

CVSS 7.5 | AI score 7.7 | EPSS 0.01063
Exploits: 0 | References: 3
CNNVD
added 2022/08/23 12:0 a.m., 3 views

python-opcua Security Vulnerability

python-opcua is an LGPL-licensed pure Python OPC-UA client and server from the open source Free OPC-UA Library. A security vulnerability exists in python-opcua that stems from the lack of a limit on the number of blocks received per session or total number of all concurrent sessions...

CVSS 7.5 | AI score 5.6 | EPSS 0.01063
Exploits: 0 | References: 4
CNNVD
added 2022/08/23 12:0 a.m., 3 views

open62541 Security Vulnerability

open62541 is an open source and free implementation of OPC UA (OPC Unified Architecture), written in a common subset of the C99 and C++98 languages. A security vulnerability exists in open62541 versions prior to 1.2.5, 1.3-rc1, and 1.3.1, which stems from the lack of a limi...

CVSS 7.5 | AI score 5.6 | EPSS 0.01127
Exploits: 0 | References: 7
Tenable Nessus
added 2022/07/23 12:0 a.m., 41 views

SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:2525-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2525-1 advisory. - A cookie management issue was addressed with improved state management. This issue is fixed in Security Upda...

CVSS 8.8 | AI score 7 | EPSS 0.01259
Exploits: 0 | References: 8
Fedora
added 2022/07/15 1:36 a.m., 31 views

[SECURITY] Fedora 35 Update: subversion-1.14.2-5.fc35

Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file...

CVSS 7.5 | AI score 2.5 | EPSS 0.09254
Exploits: 1
CNNVD
added 2022/07/12 12:0 a.m., 4 views

October CMS Race Condition Vulnerability

October CMS is an open source content management system (CMS) based on PHP and the Laravel web application framework. October CMS suffers from a race condition vulnerability. The vulnerability stems from improper handling of concurrent access when concurrent code requires mutually exclusive...

CVSS 8.1 | AI score 6.1 | EPSS 0.01136
Exploits: 0 | References: 4
CNVD
added 2022/07/08 12:0 a.m., 30 views

Multiple MediaTek Chips Competitive Condition Vulnerabilities

MediaTek Inc. is the world's fourth largest fab-based semiconductor company and a leader in the markets of mobile terminals, smart home applications, wireless connectivity and Internet of Things (IoT) products, with approximately 1.5 billion units of end products with built-in MediaTek chips hittin...

CVSS 6.4 | AI score 6.4 | EPSS 0.00081
Exploits: 0 | References: 1
CNNVD
added 2022/07/06 12:0 a.m., 4 views

MediaTek Chip Race Condition Vulnerability

MediaTek Inc. is the world's fourth largest fab-based semiconductor company and a leader in the markets of mobile terminals, smart home applications, wireless connectivity and Internet of Things (IoT) products, with approximately 1.5 billion units of end products with built-in MediaTek chips hittin...

CVSS 6.4 | AI score 5.8 | EPSS 0.00081
Exploits: 0 | References: 3
OSV
added 2022/06/28 6:23 p.m., 8 views

GSD-2022-1002856 btrfs: fix deadlock between concurrent dio writes when low on free data space

btrfs: fix deadlock between concurrent dio writes when low on free data space This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...

AI score 7.2
Exploits: 0
OSV
added 2022/06/08 8:20 a.m., 18 views

RLSA-2022:4941 Important: subversion:1.14 security update

Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fixes: subversion: Subversion's moddavsvn is vulnerable to memory corruption...

CVSS 7.5 | AI score 7.9 | EPSS 0.09254
Exploits: 0 | References: 2
Debian CVE
added 2022/05/31 5:59 p.m., 74 views

CVE-2022-1419

The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in vgemgemdumbcreate concurrently, and vgemgemdumbcreate will access the freed drmvgemgemobject...

CVSS 7.8 | AI score 6.9 | EPSS 0.00298
Exploits: 0
RedhatCVE
added 2022/05/29 4:22 p.m., 45 views

CVE-2022-1419

The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in vgemgemdumbcreate concurrently, and vgemgemdumbcreate will access the freed drmvgemgemobject...

CVSS 7.8 | AI score 7.5 | EPSS 0.00298
Exploits: 0 | References: 3
OSV
added 2022/05/17 5:47 a.m., 31 views

GHSA-HW4G-FHCP-X5MQ Concurrent Execution using Shared Resource with Improper Synchronization in pyftpdlib

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected value of None for the address, or ...

CVSS 8.7 | AI score 7.4 | EPSS 0.01582
Exploits: 0 | References: 15
Github Security Blog
added 2022/05/17 5:47 a.m., 51 views

Concurrent Execution using Shared Resource with Improper Synchronization in pyftpdlib

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected value of None for the address, or ...

CVSS 4.3 | AI score 4 | EPSS 0.01582
Exploits: 0 | References: 14 | Affected Software: 1
OSV
added 2022/05/17 4:59 a.m., 24 views

GHSA-4644-HG35-55M9 Concurrent Execution using Shared Resource with Improper Synchronization in Spring Security

Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows attackers to gain privileges via a crafted thread...

CVSS 5.1 | AI score 6.4 | EPSS 0.01246
Exploits: 0 | References: 4
Github Security Blog
added 2022/05/17 4:59 a.m., 30 views

Concurrent Execution using Shared Resource with Improper Synchronization in Spring Security

Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows attackers to gain privileges via a crafted thread...

CVSS 5.1 | AI score 6.8 | EPSS 0.01246
Exploits: 0 | References: 4 | Affected Software: 1
vulnersOsv
added 2022/05/17 3:51 a.m., 5 views

hudson.plugins.concurrent_login:concurrent-login-plugin (>=0.5 <=0.7), org.jenkins-ci.main:jenkins-test-harness (=1.513) +4 more potentially affected by CVE-2013-2034 via org.jenkins-ci.main:jenkins-core (=1.513)

org.jenkins-ci.main:jenkins-core MAVEN version =1.513 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.main:jenkins-core and may be impacted: - hudson.plugins.concurrent_login:concurrent-login-plugin >=0.5, <=0.7 -...

CVSS 6.8 | AI score 5.8 | EPSS 0.01624
Exploits: 0
OSV
added 2022/05/17 12:34 a.m., 2 views

GHSA-37M3-QP37-X3C6 Apache Geode gfsh query vulnerability

When a cluster is operating in secure mode, a user with read privileges for specific data regions can use the gfsh command line utility to execute queries. In Apache Geode before 1.2.1, the query results may contain data from another user's concurrently executing gfsh query, potentially revealing...

CVSS 4.3 | AI score 6 | EPSS 0.01178
Exploits: 0 | References: 3
Positive Technologies
added 2022/05/16 12:0 a.m., 3 views

PT-2022-7558 · Unknown +6 · Wpe Webkit +6

Name of the Vulnerable Software and Affected Versions: WPE WebKit versions prior to 2.36.4; WebKitGTK versions prior to 2.36.4. Description: The issue is related to errors in resource release, allowing a remote attacker to impact data integrity. It involves a logic problem in handling concurrent...

CVSS 8.8 | AI score 5.4 | EPSS 0.01259
Exploits: 0 | References: 52
vulnersOsv
added 2022/05/14 1:52 a.m., 4 views

hudson.plugins.concurrent_login:concurrent-login-plugin (>=0.5 <=0.7), org.jenkins-ci.main:jenkins-test-harness (=1.513) +4 more potentially affected by CVE-2013-2033 via org.jenkins-ci.main:jenkins-core (=1.513)

org.jenkins-ci.main:jenkins-core MAVEN version =1.513 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.main:jenkins-core and may be impacted: - hudson.plugins.concurrent_login:concurrent-login-plugin >=0.5, <=0.7 -...

CVSS 2.1 | AI score 5.8 | EPSS 0.0186
Exploits: 0