3909 matches found
Ensure on-chain that cache is synced
Handle: GreyArt. Vulnerability details. Impact: Currently, many core operations like NestedFactory.create and NestedFactory.swapTokenForTokens depend on the assumption that the cache is synced before these functions are executed; however, this may not necessarily be the case. Proof of Concept 1...
The vulnerability of the web interface of the operating system PAN-OS allows a perpetrator to escalate their privileges and execute arbitrary code.
The vulnerability of the PAN-OS operating system’s web interface is related to synchronization errors when using common resources. Exploiting this vulnerability can allow a remote attacker to increase their privileges and execute arbitrary code...
CVE-2021-30263
A race condition can occur due to the lack of a synchronization mechanism when the On-Device Logging node is opened twice concurrently in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
Race condition
A race condition can occur due to the lack of a synchronization mechanism when the On-Device Logging node is opened twice concurrently in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2021-30263
CVE-2021-30263 is a Qualcomm/Snapdragon-focused race-condition vulnerability caused by a lack of synchronization when the On-Device Logging node is opened twice concurrently. Public details specify affected families and devices, including Snapdragon Compute/Industrial IOT/Mobile/Voice & Music li...
CVE-2021-30263
A race condition can occur due to the lack of a synchronization mechanism when the On-Device Logging node is opened twice concurrently in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
The vulnerability of the Password Synchronization Plug-in of the IBM Security Identity Manager allows a perpetrator to modify the passwords of other users.
The vulnerability of the Password Synchronization Plug-in of the IBM Security Identity Manager relates to deficiencies in the segmentation of the controlled system area. Exploiting this vulnerability could allow an intruder operating remotely to gain unauthorized access to protected information...
Microsoft Azure Sphere Pluton concurrent syscalls denial of service vulnerability
Summary: A denial of service vulnerability exists in the Pluton syscalls functionality of Microsoft Azure Sphere 21.01, 21.06 and 21.07. A specially-crafted set of syscalls executed in parallel by an unprivileged process can lead to the crash of Pluton, resulting in a device reboot denial of...
Mozilla Firefox Security Advisory (MFSA2016-73) - Linux
This host is missing a security update for Mozilla Firefox. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; y...
CVE-2021-36181
A concurrent execution using shared resource with improper synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific...
Race condition
A concurrent execution using shared resource with improper synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific...
FortiPortal - Improper thread synchronization for database operations
A concurrent execution using shared resource with improper synchronization vulnerability ('Race Condition') [CWE-362] in the customer database interface of FortiPortal may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific...
Nextcloud has an unspecified vulnerability (CNVD-2022-18417)
Nextcloud is an open source, self-hosted file synchronization and sharing communications application platform from Nextcloud, a German company. Nextcloud has a security vulnerability that stems from an improper design or implementation during the development of code for a networked system or...
Nextcloud OfficeOnline Information Disclosure Vulnerability
Nextcloud is an open source, self-hosted file synchronization and sharing communications application platform from Nextcloud, a German company. Nextcloud OfficeOnline applications prior to version 1.1.1 are vulnerable to an information disclosure vulnerability in which the vulnerable application returns...
Nextcloud Richdocuments Information Disclosure Vulnerability
Nextcloud is an open source, self-hosted file synchronization and sharing communications application platform from Germany-based Nextcloud. The Nextcloud Richdocuments application in versions prior to 3.8.6 and 4.2.3 is vulnerable to an information disclosure vulnerability where the vulnerable...
Nextcloud file traversal vulnerability
Nextcloud is an open source, self-hosted file synchronization and sharing communications application platform from Germany-based Nextcloud. Nextcloud has a file traversal vulnerability in versions prior to 20.0.13, 21.0.5, and 22.2.0, which stems from a lack of authentication, access contro...
389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control()
A flaw was found in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. The highest threat from this vulnerability is t...
High school student rickrolls entire school district, and gets praised
A student at a high school in Cook County successfully hacked into the Internet-of-Things (IoT) devices of one of the largest school districts in Illinois, and gave everyone a surprise. Minh (aka @WhiteHoodHacker on Twitter), who attends Elk Grove—a name that curiously resembles the home town of...
OPENSUSE-SU-2021:1370-1 Security update for systemd
This update for systemd fixes the following issues: - CVE-2021-33910: Fixed use of strdupa() on a path (bsc#1188063). - logind: terminate cleanly on SIGTERM/SIGINT (bsc#1188018). - Adopting BFQ to control I/O (jsc#SLE-21032, bsc#1134353). - Rules weren't applied to dm devices (multipath) (bsc#1188713). - Ignore...
GitHub Revoked Insecure SSH Keys Generated by a Popular git Client
Code hosting platform GitHub has revoked weak SSH authentication keys that were generated via the GitKraken git GUI client due to a vulnerability in a third-party library that increased the likelihood of duplicated SSH keys. As an added precautionary measure, the Microsoft-owned company also said...