kernel: Race condition between multiple sys_perf_event_open() calls
It was found that the original fix for CVE-2016-6786 was incomplete. There exists a race between two concurrent sys_perf_event_open() calls when both try to move the same pre-existing software group into a hardware context...
Network OSINT Gathering Tool: XRay
XRay is a tool for network OSINT gathering. Its goal is to automate some of the initial tasks of information gathering and network mapping. How Does it Work? XRay is a very simple tool. It works this way: 1. It’ll bruteforce subdomains using a wordlist and DNS requests. 2. For every...
DEBIAN-CVE-2017-10913
The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1...
ALPINE-CVE-2017-10913
The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1...
UBUNTU-CVE-2017-10913
The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1...
Linux operating system vulnerability that allows an attacker to cause a denial of service
A vulnerability in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel exists due to insufficient checking of resource state when the resource can be used concurrently. Exploiting this vulnerability allows a malicious actor to cause a service failure—wi...
CVE-2017-3743
If multiple users are concurrently logged into a single system where one user is sending a command via the Lenovo ToolsCenter Advanced Settings Utility (ASU), UpdateXpress System Pack Installer (UXSPI) or Dynamic System Analysis (DSA) to a second machine, the other users may be able to see the user ID...
UBUNTU-CVE-2016-8745
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn...
CVE-2016-8745
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn...
Vulnerability in the ion_ioctl function (drivers/staging/android/ion/ion.c) in the Linux operating system that allows an attacker to cause a denial of service or escalate privileges
A vulnerability in the ion_ioctl function (drivers/staging/android/ion/ion.c) in the Linux operating system exists due to insufficient checking of resource state when resources are allowed to be shared. Exploiting this vulnerability can allow a malicious actor to increase their privileges or caus...
Debian DSA-3705-1 : curl - security update
Several vulnerabilities were discovered in cURL, an URL transfer library : - CVE-2016-8615 It was discovered that a malicious HTTP server could inject new cookies for arbitrary domains into a cookie jar. - CVE-2016-8616 It was discovered that when re-using a connection, curl was doing case...
Use after free via shared cookies
libcurl explicitly allows users to share cookies between multiple easy handles that are concurrently employed by different threads. When cookies to be sent to a server are collected, the matching function collects all cookies to send and the cookie lock is released immediately afterwards. That...
Microsoft Windows Session Object Elevation of Privilege (MS16-111: CVE-2016-3305)
An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to an error in the way the Windows kernel handles session objects in concurrent logins. Successful exploitation may lead to a malicious user gaining access to a victim user's session...
openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-944)
This update for java-1_8_0-openjdk fixes the following issues : - Upgrade to version jdk8u101 icedtea 3.1.0 - New in release 3.1.0 2016-07-25 : - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking boo989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only boo989734 -...
OracleVM 3.2 : openldap (OVMSA-2016-0069)
The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2015-6908 openldap: ber_get_next denial of service vulnerability 1263170 - fix: syncprov psearch race condition 999811 - fix: CVE-2013-4449 segfault on certain queries with rwm overlay 1064146 - fix...
CVE-2016-5242
The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them, related to VMID exhaustion...
CVE-2016-5242
The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them, related to VMID exhaustion...
Junos operating system vulnerability that allows an attacker to escalate privileges
A vulnerability in the Junos operating system exists due to insufficient checks on the state of resources when they can be used concurrently. Exploiting this vulnerability allows a malicious actor to escalate their privileges using the URL parameter...
Scientific Linux Security Update : mariadb on SL7.x x86_64 (20160404)
Security Fixes : - It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a...
ISC DHCP Denial of Service Vulnerability (CNVD-2016-01603)
ISC DHCP is a set of open source Dynamic Host Configuration Protocol server software from the US-based Internet Systems Consortium (ISC). A security vulnerability exists in ISC DHCP that stems from the program's failure to limit the number of concurrent TCP sessions. A remote attacker could...