505 matches found
PT-2022-35493 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.150 Description: The issue arises when the code attempts to access the sk wq of a socket sock that is already dead. This could potentially lead to security vulnerabilities, although the actual impact and...
PT-2022-35749 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.262 Description: The issue arises when the code attempts to access the sk wq of a socket sock that is already dead. This could potentially lead to security vulnerabilities, although the actual impact and...
GSD-2022-1005280 Bluetooth: When HCI work queue is drained, only queue chained work
Bluetooth: When HCI work queue is drained, only queue chained work This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...
CVE-2022-34558
WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package...
PYSEC-2022-43163
WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package...
PYSEC-2022-43174
WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package...
PYSEC-2022-43136
WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package...
kernel: RDMA/rxe: Return CQE error if invalid lkey was supplied
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCALWRITE failures. This caused the following kernel panic if someone sent an atomic operation with an explicitly wrong lkey. leonro@...
CVE-2021-35562
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access vi...
CVE-2021-35562
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access vi...
Design/Logic Flaw
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access vi...
CVE-2021-35562
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access vi...
CVE-2021-35562
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access vi...
CVE-2021-35562
CVE-2021-35562 affects Oracle E-Business Suite Universal Work Queue (Work Provider Site Level Administration). Affects versions 12.1.1–12.1.3 and 12.2.3–12.2.10. Root cause not explicitly detailed in the provided documents, but impact per CVSS is high: low-privilege, network (HTTP) attacker can c...
Oracle E-Business Suite Unauthorized Access Vulnerability (CNVD-2022-02349)
Oracle E-Business Suite is an extension of the original Application ERP and includes a collection of ERP Enterprise Resource Planning Management, HR Human Resource Management, CRM Customer Relationship Management and other applications that are seamlessly integrated into one management suite...
Oracle E-Business Suite和Oracle Universal Work Queue 安全漏洞
Oracle E-Business Suite is an extension of the original Application ERP and includes a collection of ERP Enterprise Resource Planning Management, HR Human Resource Management, CRM Customer Relationship Management and other applications that are seamlessly integrated into one management suite...
GSD-2021-1000024 dmaengine: idxd: fix wq size store permission state
dmaengine: idxd: fix wq size store permission state This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11.16 by commit...
UVI-2021-1000024 dmaengine: idxd: fix wq size store permission state
dmaengine: idxd: fix wq size store permission state This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11.16 by commit...
UVI-2021-1000030 dmaengine: idxd: fix wq size store permission state
dmaengine: idxd: fix wq size store permission state This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.32 by commit...
CVE-2021-2246
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...