Lucene search
K

715 matches found

RedHat Linux
RedHat Linux
added 2021/01/13 3:2 p.m.5 views

dotnet: ASP.NET Core Callbacks outside of locks cause Krestel deadlock when using HTTP2

A flaw was found in dotnet. Running callbacks outside of locks results in Krestel deadlock using HTTP2. The highest threat from this vulnerability is to system availability...

7.5CVSS5.7AI score0.04908EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2020/11/25 2:40 p.m.102 views

Laser-Based Hacking from Afar Goes Beyond Amazon Alexa

Imagine someone hacking into an Amazon Alexa device using a laser beam and then doing some online shopping using that person account. This is a scenario presented by a group of researchers who are exploring why digital home assistants and other sensing systems that use sound commands to perform...

7.5AI score
Exploits0References10
Cvelist
Cvelist
added 2020/11/23 5:30 p.m.23 views

CVE-2018-20803 Infinite loop in aggregation expression

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. This issue affects MongoDB Server v4.0 versions prior to 4.0.5; MongoDB Server v3.6 versions prior to 3.6.10...

6.5CVSS6.3AI score0.01269EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2020/11/23 5:30 p.m.17 views

CVE-2018-20803

Removed by vendor...

6.5CVSS6.5AI score0.01269EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2020/11/23 12:0 a.m.1 views

PT-2020-8674 · Mongodb · Mongodb Server +1

Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 4.0.5 MongoDB Server versions prior to 3.6.10 MongoDB Server versions prior to 3.4.19 Description: A user authorized to perform database queries may trigger denial of service by issuing specially crafted...

6.5CVSS7.2AI score0.01269EPSS
Exploits0References11
CNNVD
CNNVD
added 2020/11/23 12:0 a.m.4 views

MongoDB 输入验证错误漏洞

Mongodb Server is the United States Mongodb company's set of open source NoSQL database . The database provides collection-oriented storage , dynamic query , data replication and automatic failover and other functions . An input validation error vulnerability exists in the MongoDB Server version,...

6.5CVSS6.7AI score0.01269EPSS
Exploits0References3
HackRead
HackRead
added 2020/11/12 6:18 p.m.26 views

Google makes app to lock devices if users default on payment

By Sudais Asif Google ash released an app that aims at locking the devices of users who default on their smartphone financing payments. This is a post from HackRead.com Read the original post: Google makes app to lock devices if users default on payment...

2.8AI score
Exploits0
AlmaLinux
AlmaLinux
added 2020/11/04 12:56 a.m.9 views

idm:DL1 bug fix update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fixes: nsslapd-db-locks patching no longer works BZ1882472...

2.3AI score
Exploits0References1
OSV
OSV
added 2020/11/04 12:56 a.m.12 views

ALBA-2020:4857 idm:DL1 bug fix update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fixes: nsslapd-db-locks patching no longer works BZ1882472...

7.2AI score
Exploits0References1
NVD
NVD
added 2020/07/05 1:15 a.m.12 views

CVE-2020-15530

An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILESX86%\Steam and/or %COMMONPROGRAMFILESX86%\Steam have weak permissions during a critical time window. An attacker can make this time...

7.8CVSS0.00524EPSS
Exploits1References1
OSV
OSV
added 2020/07/05 1:15 a.m.2 views

CVE-2020-15530

An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILESX86%\Steam and/or %COMMONPROGRAMFILESX86%\Steam have weak permissions during a critical time window. An attacker can make this time...

7.8CVSS5.8AI score0.00524EPSS
Exploits1References1
NVD
NVD
added 2020/07/05 1:15 a.m.14 views

CVE-2020-15529

An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user installs a game or performs a verify/repair operation. The issue exists because of weak file permissions and can be exploited by using opportunistic locks...

9.3CVSS0.01016EPSS
Exploits0References1
OSV
OSV
added 2020/07/05 1:15 a.m.3 views

CVE-2020-15529

An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user installs a game or performs a verify/repair operation. The issue exists because of weak file permissions and can be exploited by using opportunistic locks...

7.8CVSS7.1AI score0.01016EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/07/05 1:15 a.m.21 views

CVE-2020-15530

An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILESX86%\Steam and/or %COMMONPROGRAMFILESX86%\Steam have weak permissions during a critical time window. An attacker can make this time...

7.8CVSS7.1AI score0.00524EPSS
Exploits1References2
Prion
Prion
added 2020/07/05 1:15 a.m.14 views

Design/Logic Flaw

An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILESX86%\Steam and/or %COMMONPROGRAMFILESX86%\Steam have weak permissions during a critical time window. An attacker can make this time...

7.2CVSS7.6AI score0.00524EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/07/05 1:15 a.m.14 views

Design/Logic Flaw

An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user installs a game or performs a verify/repair operation. The issue exists because of weak file permissions and can be exploited by using opportunistic locks...

9.3CVSS7.8AI score0.01016EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/05 12:31 a.m.20 views

CVE-2020-15529

An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user installs a game or performs a verify/repair operation. The issue exists because of weak file permissions and can be exploited by using opportunistic locks...

7.9AI score0.01016EPSS
Exploits0References1
CVE
CVE
added 2020/07/05 12:31 a.m.75 views

CVE-2020-15530

Valve Steam Client 2.10.91.91 is affected by a local privilege-escalation issue in the installer. The vulnerability arises from weak permissions in parts of %PROGRAMFILES(X86)%\Steam and/or %COMMONPROGRAMFILES(X86)%\Steam during a critical time window, which an attacker can extend using opportuni...

7.8CVSS7.6AI score0.00524EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/07/05 12:31 a.m.19 views

CVE-2020-15530

An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILESX86%\Steam and/or %COMMONPROGRAMFILESX86%\Steam have weak permissions during a critical time window. An attacker can make this time...

7.7AI score0.00524EPSS
Exploits1References1
CNVD
CNVD
added 2020/05/06 12:0 a.m.3 views

bitcoind/Bitcoin-Qt/wxBitcoin Resource Management Errors

Bitcoin is an electronic currency created with open source P2P software. A vulnerability exists in bitcoind and Bitcoin-Qt, wxBitcoin, which stems from the program not taking into account that block sizes may require more database locks. A remote attacker could exploit the vulnerability by...

6.8AI score
Exploits0
Rows per page
Query Builder