7517 matches found
OESA-2021-1328 glibc security update
The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...
Cisco Issues Critical Fixes for High-End Nexus Gear
Cisco Systems released six security patches tied to its high-end 9000 series networking gear ranging in importance from critical, high and medium severity. The most serious of the bugs patched by Cisco rated 9.1 out of 10 could allow a remote and unauthenticated adversary to read or write arbitra...
GHSA-PQQP-XMHJ-WGCW crossbeam-deque Data Race before v0.7.4 and v0.8.1
Impact In the affected version of this crate, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this can cause double free and a memory leak. If not, th...
crossbeam-deque Data Race before v0.7.4 and v0.8.1
Impact In the affected version of this crate, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this can cause double free and a memory leak. If not, th...
GHSA-75CQ-G75G-RXFF use-after-free vulnerability in Rust array-queue
An issue was discovered in the array-queue crate through 2020-09-26 for Rust. A popback call may lead to a use-after-free...
use-after-free vulnerability in Rust array-queue
An issue was discovered in the array-queue crate through 2020-09-26 for Rust. A popback call may lead to a use-after-free...
GHSA-V42F-J8FX-99F3 Queue<T> should have a Send bound on its Send/Sync traits
Affected versions of this crate unconditionally implements Send/Sync for Queue. This allows 1 creating data races to a T: !Sync and 2 sending T: !Send to other threads, resulting in memory corruption or other undefined behavior...
Queue<T> should have a Send bound on its Send/Sync traits
Affected versions of this crate unconditionally implements Send/Sync for Queue. This allows 1 creating data races to a T: !Sync and 2 sending T: !Send to other threads, resulting in memory corruption or other undefined behavior...
GHSA-JF43-3V8J-QWWR Data races in multiqueue
Affected versions of multiqueue unconditionally implemented Send for types used in queue implementations InnerSend, InnerRecv, FutInnerSend, FutInnerRecv. This allows users to send non-Send types to other threads, which can lead to data race bugs or other undefined behavior...
GHSA-JPHW-P3M6-PJ3C Data races in multiqueue2
Affected versions of this crate unconditionally implemented Send for types used in queue implementations InnerSend, InnerRecv, FutInnerSend, FutInnerRecv. This allows users to send non-Send types to other threads, which can lead to data race bugs or other undefined behavior. The flaw was correcte...
GHSA-C3CW-C387-PJ65 Double free in crossbeam
Even if an element is popped from a queue, crossbeam would run its destructor inside the epoch-based garbage collector. This is a source of double frees. The flaw was corrected by wrapping elements inside queues in a ManuallyDrop...
Double free in crossbeam
Even if an element is popped from a queue, crossbeam would run its destructor inside the epoch-based garbage collector. This is a source of double frees. The flaw was corrected by wrapping elements inside queues in a ManuallyDrop...
CVE-2021-1523
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in...
CVE-2021-1523
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in...
CVE-2021-1523 Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in...
Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in...
jenkins: improper permission checks allow canceling queue items and aborting builds
Incorrect Authorization vulnerability was found in Jenkins. Users with Item/Cancel permission are able to cancel queue items and abort builds of jobs even when they do not have Item/Read permission...
Vulnerability found in Microsoft Printer Spooler service
A vulnerability has been found in the Print Spooler service of Microsoft Windows. A local malicious person without administrator privileges can exploit this vulnerability by connecting to a rogue print server. From this print server, a printer driver is then installed. Although the driver should...
CVE-2020-36453
An issue was discovered in the scottqueue crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for Queue...
CVE-2020-36453
An issue was discovered in the scottqueue crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for Queue...