Lucene search
K

3946 matches found

BDU FSTEC
BDU FSTEC
added 2021/07/30 12:0 a.m.2 views

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are caused by synchronization errors when using a common resource. This allows an attacker to escape the isolated software environment.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are caused by synchronization errors when using a common resource. Exploiting these vulnerabilities can allow an attacker to escape from a isolated software environment...

10CVSS7.5AI score0.00954EPSS
Exploits0References5Affected Software4
RedHat Linux
RedHat Linux
added 2021/07/21 12:4 a.m.3 views

389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control()

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. The highest threat from this vulnerability is t...

6.5CVSS5.8AI score0.01177EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2021/07/21 12:0 a.m.71 views

Security update for icinga2 (moderate)

openSUSE Security Update: Security update for icinga2 Announcement ID: openSUSE-SU-2021:1069-1 Rating: moderate References: 1180147 Cross-References: CVE-2020-29663 CVSS scores: CVE-2020-29663 NVD : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2020-29663 SUSE: 5.3...

5.3CVSS7.2AI score0.01554EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.6 views

The vulnerability of the FortiSandbox threat detection and mitigation system, related to synchronization errors when using a shared resource, allows a perpetrator to trigger a service failure.

The vulnerability of the FortiSandbox threat detection and mitigation system arises from synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker operating remotely to cause service interruptions...

6.3CVSS5.9AI score0.00503EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2021/07/15 12:0 a.m.9 views

Nextcloud Cross-Site Scripting Vulnerability (CNVD-2021-51801)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A cross-site scripting vulnerability exists in Nextcloud Text in versions prior to 19.0.13, 20.0.11 and 21.0.3. No detailed vulnerability details are availabl...

6.1CVSS5.9AI score0.01106EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/15 12:0 a.m.7 views

Unspecified vulnerability in Nextcloud (CNVD-2021-51803)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability in Nextcloud Server in versions prior to 19.0.13, 20.011, and 21.0.3 can be exploited by an attacker to enumerate potentially valid...

5.3CVSS6.6AI score0.01322EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/15 12:0 a.m.8 views

Nextcloud Information Disclosure Vulnerability (CNVD-2021-51797)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An information disclosure vulnerability exists in Nextcloud Server in versions prior to 19.0.13, 20.011, and 21.0.3, which could result in the full path of a...

5.3CVSS5.9AI score0.01381EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/15 12:0 a.m.8 views

Unspecified vulnerability in Nextcloud (CNVD-2021-51795)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.011, and 21.0.3, which can be exploited by an attacker to enumerate...

7.5CVSS6.6AI score0.01702EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/07/13 12:0 a.m.6 views

The vulnerability of the ManageOne data center management system, caused by synchronization errors when using a shared resource, allows a hacker to trigger a service failure.

The vulnerability of the ManageOne data center management system arises from synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.7CVSS5.5AI score0.00114EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/07/12 4:6 a.m.6 views

OPENSUSE-SU-2021:1029-1 Security update for icinga2

This update for icinga2 fixes the following issues: icinga2 was updated to 2.12.4 Bugfixes - Fix a crash when notification objects are deleted using the API 8782 - Fix crashes that might occur during downtime scheduling if host or downtime objects are deleted using the API 8785 - Fix an issue whe...

9.1CVSS9.4AI score0.01554EPSS
Exploits0References3
Prion
Prion
added 2021/07/09 7:15 p.m.21 views

Race condition

A concurrent execution using shared resource with improper synchronization 'race condition' in the command shell of FortiSandbox before 3.2.2 may allow an authenticated attacker to bring the system into an unresponsive state via specifically orchestrated sequences of commands...

6.3CVSS5.4AI score0.00503EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/07/09 6:26 p.m.24 views

CVE-2020-29014

A concurrent execution using shared resource with improper synchronization 'race condition' in the command shell of FortiSandbox before 3.2.2 may allow an authenticated attacker to bring the system into an unresponsive state via specifically orchestrated sequences of commands...

6.3CVSS6.4AI score0.00503EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/07/09 6:26 p.m.14 views

CVE-2020-29014

A concurrent execution using shared resource with improper synchronization 'race condition' in the command shell of FortiSandbox before 3.2.2 may allow an authenticated attacker to bring the system into an unresponsive state via specifically orchestrated sequences of commands...

6.3CVSS7.2AI score0.00503EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/07/07 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2021-2151)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.04071EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/07/06 12:0 a.m.45 views

EulerOS Virtualization 3.0.2.2 : ntp (EulerOS-SA-2021-2151)

According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a serv...

7.5CVSS6.5AI score0.04071EPSS
Exploits0References3
CNVD
CNVD
added 2021/07/05 12:0 a.m.6 views

Zoho ManageEngine ADSelfService Plus Information Disclosure Vulnerability

Zoho ManageEngine ADSelfService Plus is a web-based self-service application that enables end-users to perform tasks such as password reset, account unlocking, profile information update, etc. without relying on the help desk. An information disclosure vulnerability exists in Zoho ManageEngine...

5.9CVSS6.1AI score0.04294EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/07/02 12:0 a.m.5 views

zoho manageengine adselfservice plus 安全漏洞

Zoho ManageEngine ADSelfService Plus is a web-based self-service application that enables end-users to perform tasks such as password reset, account unlocking, profile information update, etc. without relying on the help desk. An information disclosure vulnerability exists in Zoho ManageEngine...

5.9CVSS5.6AI score0.04294EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2021/06/30 12:0 a.m.5 views

Vulnerability of the wrapUserThread function in AudioStream.cpp in the Android operating system, allowing a hacker to escalate their privileges

The vulnerability of the wrapUserThread function in AudioStream.cpp in the Android operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7CVSS7AI score0.00093EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2021/06/29 8:42 p.m.5 views

389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control()

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. The highest threat from this vulnerability is t...

6.5CVSS5.8AI score0.01177EPSS
Exploits0References5
OSV
OSV
added 2021/06/29 1:43 p.m.8 views

ALBA-2021:2573 sanlock bug fix and enhancement update

The sanlock packages provide a shared storage lock manager. Hosts with shared access to a block device or a file can use sanlock to synchronize their activities. VDSM and libvirt use sanlock to synchronize access to shared devices or files. Bug Fixes and Enhancements: bad client message causes...

7.2AI score
Exploits0
Rows per page
Query Builder