
2566 matches found

BDU FSTEC
added 2020/06/02 12:0 a.m. | 3 views

The vulnerability of the load_aout_binary() function in the Linux operating system’s kernel allows a hacker to bypass the ASLR protection mechanism.

The vulnerability of the load_aout_binary function in the Linux operating system arises due to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to bypass the ASLR protection mechanism in programs with setuid a.out...

CVSS 2.5 | AI score 6.5 | EPSS 0.00495
Exploits 1 | References 32 | Affected Software 4

Veracode
added 2020/05/13 3:23 a.m. | 17 views

Unauthorized Access

Soteria is vulnerable to unauthorized access. A security identity corruption across concurrent threads occurs when multiple concurrent requests are parsed...

CVSS 4.2 | AI score 5 | EPSS 0.00664
Exploits 0 | References 36 | Affected Software 53

RedHat Linux
added 2020/05/11 8:17 p.m. | 3 views

Soteria: security identity corruption across concurrent threads

A flaw was found in WildFly where multiple requests occurring concurrently could be handled using the identity of another request. This vulnerability occurs when using EE Security with WildFly Elytron. The largest threat from this vulnerability is data confidentiality and integrity...

CVSS 4.9 | AI score 5.7 | EPSS 0.00664
Exploits 0 | References 4

RedHat Linux
added 2020/05/11 8:15 p.m. | 2 views

Soteria: security identity corruption across concurrent threads

A flaw was found in WildFly where multiple requests occurring concurrently could be handled using the identity of another request. This vulnerability occurs when using EE Security with WildFly Elytron. The largest threat from this vulnerability is data confidentiality and integrity...

CVSS 4.9 | AI score 5.7 | EPSS 0.00664
Exploits 0 | References 4

RedHat Linux
added 2020/05/11 8:12 p.m. | 5 views

Soteria: security identity corruption across concurrent threads

A flaw was found in WildFly where multiple requests occurring concurrently could be handled using the identity of another request. This vulnerability occurs when using EE Security with WildFly Elytron. The largest threat from this vulnerability is data confidentiality and integrity...

CVSS 4.9 | AI score 5.7 | EPSS 0.00664
Exploits 0 | References 4

OSV
added 2020/05/09 9:15 p.m. | 3 views

DEBIAN-CVE-2020-12769

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8...

CVSS 5.5 | AI score 6.6 | EPSS 0.00652
Exploits 1 | References 1

UbuntuCve
added 2020/05/09 9:15 p.m. | 32 views

CVE-2020-12769

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8...

CVSS 5.5 | AI score 6.8 | EPSS 0.00652
Exploits 1 | References 6

Prion
added 2020/05/09 9:15 p.m. | 25 views

Design/Logic Flaw

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8...

CVSS 4.9 | AI score 5.8 | EPSS 0.00652
Exploits 1 | References 9 | Affected Software 4

Debian CVE
added 2020/05/09 8:16 p.m. | 40 views

CVE-2020-12769

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8...

CVSS 5.5 | AI score 6.5 | EPSS 0.00652
Exploits 1

OSV
added 2020/05/04 5:15 p.m. | 25 views

CVE-2020-1732

A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request...

CVSS 4.2 | AI score 6.8 | EPSS 0.00664
Exploits 0 | References 2

Prion
added 2020/05/04 5:15 p.m. | 12 views

Design/Logic Flaw

A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request...

CVSS 4.9 | AI score 6.5 | EPSS 0.00664
Exploits 0 | References 2 | Affected Software 2

RedHat Linux
added 2020/04/28 3:43 p.m. | 3 views

kernel: net/mlx5e: Check for NOT_READY flag state after locking

A race condition was found in the Linux kernel Mellanox mlx5 network driver's traffic control offload flow management. A local user with privileges to configure traffic control flower filters can trigger concurrent flow deletion operations where the NOT_READY flag is checked before acquiring the...

CVSS 4.7 | AI score 6.8 | EPSS 0.00105
Exploits 0 | References 5

Veeam
added 2020/04/27 12:0 a.m. | 55 views

How to Limit Parallel Disk Processing in Veeam Agent for Microsoft Windows

Purpose: This article documents how to disable or limit parallel disk processing in Veeam Agent for Microsoft Windows. Solution: The following registry values can be used to control parallel disk processing on the machine where Veeam Agent for Microsoft Windows is installed: To disable parallel disk...

AI score 6.7
Exploits 0 | Affected Software 1

Kitploit
added 2020/04/21 12:30 p.m. | 28 views

Httpgrep - Scans HTTP Servers To Find Given Strings In URIs

A python tool which scans for HTTP servers and finds given strings in URIs. Usage $ httpgrep -H --== httpgrep by nullsecurity.net ==-- usage httpgrep -h -s opts | opts -h - single host or host-range/cidr-range or file containing hosts, e.g.: foobar.net, 192.168.0.1-192.168.0.254, 192.168.0.0/24,...

AI score 7.2
Exploits 0 | References 1

CNVD
added 2020/04/20 12:0 a.m. | 6 views

Linux kernel competitive conditions issue vulnerability (CNVD-2021-43387)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A Competitive Condition Issue vulnerability exists in the auditing subsystem of the Linux kernel. The vulnerability arises from improper handling of concurrent access...

AI score 6.8
Exploits 0 | References 1

Veracode
added 2020/04/10 12:40 a.m. | 46 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. NULL pointer dereference flaws were found in the r128 driver in the Linux kernel. Checks to test if the Concurrent Command Engine state was initialized were missing in private IOCTL functions. An attacker could use these flaws to cause a local denial o...

CVSS 7.8 | AI score 3.6 | EPSS 0.00425
Exploits 0 | References 37 | Affected Software 2

OSV
added 2020/03/21 1:15 a.m. | 1 view

DEBIAN-CVE-2019-17185

In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This means multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a...

CVSS 7.5 | AI score 6.8 | EPSS 0.02168
Exploits 0 | References 1

CNVD
added 2020/03/18 12:0 a.m. | 4 views

Meetecho Janus Competitive Conditions Issue Vulnerability (CNVD-2020-19843)

Meetecho Janus is a WebRTC Web Real Time Communication server from Meetecho. A Competitive Conditions Issue vulnerability exists in Meetecho Janus 0.9.1 and prior versions. The vulnerability stems from improper handling of concurrent access when concurrent code requires mutually exclusive access ...

CVSS 5.8 | AI score 7.1 | EPSS 0.00464
Exploits 0 | References 1

CNVD
added 2020/03/17 12:0 a.m. | 4 views

Yarn Competition Condition Problem Vulnerability

Yarn is an open source package installation and management tool. A Competing Conditions Issue vulnerability exists in package integrity checking in versions prior to yarn 1.19.0. The vulnerability stems from improper handling of concurrent access when concurrent code requires mutually exclusive...

CVSS 5.9 | AI score 6.9 | EPSS 0.01783
Exploits 1 | References 1

NVD
added 2020/03/14 8:15 p.m. | 19 views

CVE-2020-10577

An issue was discovered in Janus through 0.9.1. janus.c has multiple concurrent threads that misuse the source property of a session, leading to a race condition when claiming sessions...

CVSS 5.8 | AI score 5 | EPSS 0.00464
Exploits 0 | References 1