The vulnerability of the load_aout_binary() function in the Linux operating system’s kernel allows a hacker to bypass the ASLR protection mechanism.
The vulnerability of the load_aout_binary function in the Linux operating system arises due to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to bypass the ASLR protection mechanism in programs with setuid a.out...
Unauthorized Access
Soteria is vulnerable to unauthorized access. A security identity corruption across concurrent threads occurs when multiple concurrent requests are parsed...
Soteria: security identity corruption across concurrent threads
A flaw was found in WildFly where multiple requests occurring concurrently could be handled using the identity of another request. This vulnerability occurs when using EE Security with WildFly Elytron. The largest threat from this vulnerability is data confidentiality and integrity...
DEBIAN-CVE-2020-12769
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8...
CVE-2020-12769
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8...
Design/Logic Flaw
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8...
CVE-2020-1732
A flaw was found in Soteria before 1.0.1 in which multiple requests occurring concurrently cause security identity corruption across concurrent threads when using EE Security with WildFly Elytron, which can lead to the possibility of being handled using the identity from another request...
Design/Logic Flaw
A flaw was found in Soteria before 1.0.1 in which multiple requests occurring concurrently cause security identity corruption across concurrent threads when using EE Security with WildFly Elytron, which can lead to the possibility of being handled using the identity from another request...
kernel: net/mlx5e: Check for NOT_READY flag state after locking
A race condition was found in the Linux kernel Mellanox mlx5 network driver's traffic control offload flow management. A local user with privileges to configure traffic control flower filters can trigger concurrent flow deletion operations where the NOT_READY flag is checked before acquiring the...
How to Limit Parallel Disk Processing in Veeam Agent for Microsoft Windows
Purpose: This article documents how to disable or limit parallel disk processing in Veeam Agent for Microsoft Windows. Solution: The following registry values can be used to control parallel disk processing on the machine where Veeam Agent for Microsoft Windows is installed: To disable parallel disk...
Httpgrep - Scans HTTP Servers To Find Given Strings In URIs
A Python tool which scans for HTTP servers and finds given strings in URIs. Usage $ httpgrep -H --== httpgrep by nullsecurity.net ==-- usage httpgrep -h -s opts | opts -h - single host or host-range/cidr-range or file containing hosts, e.g.: foobar.net, 192.168.0.1-192.168.0.254, 192.168.0.0/24,...
Linux kernel competitive conditions issue vulnerability (CNVD-2021-43387)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A Competitive Condition Issue vulnerability exists in the auditing subsystem of the Linux kernel. The vulnerability arises from improper handling of concurrent access...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. NULL pointer dereference flaws were found in the r128 driver in the Linux kernel. Checks to test if the Concurrent Command Engine state was initialized were missing in private IOCTL functions. An attacker could use these flaws to cause a local denial o...
DEBIAN-CVE-2019-17185
In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This means multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a...
Meetecho Janus Competitive Conditions Issue Vulnerability (CNVD-2020-19843)
Meetecho Janus is a WebRTC Web Real Time Communication server from Meetecho. A Competitive Conditions Issue vulnerability exists in Meetecho Janus 0.9.1 and prior versions. The vulnerability stems from improper handling of concurrent access when concurrent code requires mutually exclusive access ...
Yarn Competition Condition Problem Vulnerability
Yarn is an open source package installation and management tool. A Competing Conditions Issue vulnerability exists in package integrity checking in versions prior to yarn 1.19.0. The vulnerability stems from improper handling of concurrent access when concurrent code requires mutually exclusive...
CVE-2020-10577
An issue was discovered in Janus through 0.9.1. janus.c has multiple concurrent threads that misuse the source property of a session, leading to a race condition when claiming sessions...