942 matches found
CVE-2019-14818
A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhostuser socket, can send specially crafted VRINGSETNUM messages, resulting in a memory leak including file...
CVE-2013-1889
CVE-2013-1889 affects mod_ruid2 prior to 0.9.8. The vulnerability arises from improper handling of file descriptors, enabling a remote attacker to bypass security by using a CGI script to break out of a chroot. Documented across multiple sources (NVD and OSV Ubuntu), with CVSS indicating potentia...
CVE-2013-1889
Removed by vendor...
Centos 7 : runc
An update for runc is now available for CentOS 7 Extras. The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. A flaw was found in the way runc handled system file descriptors when running containers. A malicious container could...
About the security content of Swift 5.1.1 for Ubuntu - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
About the security content of Swift 5.1.1 for Ubuntu
About the security content of Swift 5.1.1 for Ubuntu This document describes the security content of Swift 5.1.1 for Ubuntu. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
CVE-2018-1114
It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...
bind: Limiting simultaneous TCP clients is ineffective
A flaw was found in the way bind implemented tunable which limited simultaneous TCP client connections. A remote attacker could use this flaw to exhaust the pool of file descriptors available to named, potentially affecting network connections and the management of files such as log files or zone...
EulerOS 2.0 SP3 : bind (EulerOS-SA-2019-2040)
According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in the way bind implemented tunable which limited simultaneous TCP client connections. A remote attacker could use this flaw to...
NewStart CGSL CORE 5.05 / MAIN 5.05 : bind Vulnerability (NS-SA-2019-0087)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has bind packages installed that are affected by a vulnerability: - A flaw was found in the way bind implemented tunable which limited simultaneous TCP client connections. A remote attacker could use this flaw to exhaust the po...
NewStart CGSL CORE 5.04 / MAIN 5.04 : bind Vulnerability (NS-SA-2019-0158)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has bind packages installed that are affected by a vulnerability: - A flaw was found in the way bind implemented tunable which limited simultaneous TCP client connections. A remote attacker could use this flaw to exhaust the po...
Oracle Linux 8 : container-tools:rhel8 (ELSA-2019-0975)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0975 advisory. container-selinux 2:2.94-1.git1e99f1d - Resolves: 1690286 - bump to v2.94 - Resolves: 1693806, 1689255 2:2.89-1.git2521d0d - bump to v2.89 runc...
NewStart CGSL MAIN 4.05 : bind Vulnerability (NS-SA-2019-0167)
The remote NewStart CGSL host, running version MAIN 4.05, has bind packages installed that are affected by a vulnerability: - A flaw was found in the way bind implemented tunable which limited simultaneous TCP client connections. A remote attacker could use this flaw to exhaust the pool of file...
CVE-2019-5603
In FreeBSD 12.0-STABLE before r350261, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350263, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, system calls operating on file descriptors as part of mqueuefs did not properly release the reference allowing a...
Design/Logic Flaw
In FreeBSD 12.0-STABLE before r350261, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350263, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, system calls operating on file descriptors as part of mqueuefs did not properly release the reference allowing a...
CVE-2019-5603
In FreeBSD 12.0-STABLE before r350261, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350263, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, system calls operating on file descriptors as part of mqueuefs did not properly release the reference allowing a...
CVE-2019-5603
CVE-2019-5603 affects FreeBSD’s mqueuefs (POSIX message queue filesystem). The issue arises when system calls operating on file descriptors obtain a reference to a relevant struct file, but due to a programming error the reference is not always released, allowing a local user to overflow the coun...
Amazon Linux AMI : bind (ALAS-2019-1244)
A flaw was found in the way bind implemented tunable which limited simultaneous TCP client connections. A remote attacker could use this flaw to exhaust the pool of file descriptors available to named, potentially affecting network connections and the management of files such as log files or zone...
FreeBSD-SA-19:17.fd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:17.fd Security Advisory The FreeBSD Project Topic: File description reference count leak Category: core Module: unix Announced: 2019-07-24 Credits: Mark...
EulerOS 2.0 SP2 : bind (EulerOS-SA-2019-1730)
According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in the way bind implemented tunable which limited simultaneous TCP client connections. A remote attacker could use this flaw to...