99 matches found
Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity...
Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity...
Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity...
Amazon Linux 2 : kernel (ALAS-2020-1440)
The version of kernel installed on the remote host is prior to 4.14.177-139.253. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1440 advisory. A flaw was found in the Linux kernel's implementation of the BFQ IO scheduler. This flaw allows a local user able ...
Important: kernel
Issue Overview: A flaw was found in the Linux kernel's implementation of the BFQ IO scheduler. This flaw allows a local user able to groom system memory to cause kernel memory corruption and possible privilege escalation by abusing a race condition in the IO scheduler. CVE-2020-12657 A flaw was...
Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity...
Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity...
Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity...
acegisecurity:acegi-security-domain (=0.9.0), ai.databand.azkaban:azkaban-web-server (=3.18.0) +16311 more potentially affected by CVE-2020-10683 via dom4j:dom4j (>=1.1 <=1.6.1)
dom4j:dom4j MAVEN version =1.1, =1.4.1, =1.4.1, =1.4.1, =1.2.0, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =0.6.1, =1.0.0, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2020-10683 Source advisory: OSV:GHSA-HWJ3-M3P6-HJ38...
Privilege Escalation
wildfly is vulnerable to privilege escalation. The vulnerability exists as the EJBContext principal is not popped back after invoking another EJB using a different Security Domain...
Integer overflow
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because execid in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a donotifyparent protection mechanism. A child process can send an arbitrary signal to a parent...
UBUNTU-CVE-2020-12826
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because execid in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a donotifyparent protection mechanism. A child process can send an arbitrary signal to a parent...
CVE-2020-12826
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because execid in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a donotifyparent protection mechanism. A child process can send an arbitrary signal to a parent...
CVE-2020-12826
CVE-2020-12826 affects the Linux kernel before 5.6.5. The root cause is an integer overflow in exec_id (include/linux/sched.h) due to 32-bit sizing, which can allow a child process to send an arbitrary signal to a parent process in a different security domain, bypassing protection. A patched vers...
CVE-2020-12826
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because execid in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a donotifyparent protection mechanism. A child process can send an arbitrary signal to a parent...
Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity...
Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity...
Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity...
Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity...
Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity...