Lucene search

115 matches found

OSV
added 2024/04/08 2:15 p.m. · 5 views

AZL-42700 CVE-2024-2511 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service. This problem can occur in...

CVSS 5.9 · AI score 6.6 · EPSS 0.54026
Exploits 0 · References 1

Citrix
added 2023/10/04 12:00 a.m. · 8 views

ConfigSync Failure May Be Seen When Delivering App-V, MSIX, or MSIX App Attach Packages

For customers using Delivery Controller Version 2308 and delivering App-V, MSIX or MSIX app attach packages through Citrix, errors with the source “Citrix ConfigSync Service” and the Event ID “505” may be logged to the Windows Event Viewer on Delivery Controllers with the following message: “The...

AI score 7
Exploits 0

Amazon
added 2023/07/19 12:00 a.m. · 13 views

Important: bind

Issue Overview: A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly...

CVSS 7.5 · AI score 7.4 · EPSS 0.03776
Exploits 0

SUSE CVE
added 2023/02/15 4:29 a.m. · 3 views

SUSE CVE-2018-7685

The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download...

CVSS 7 · AI score 6.8 · EPSS 0.00286
Exploits 0 · References 29

Positive Technologies
added 2022/12/13 12:00 a.m. · 3 views

PT-2022-14715 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13. Description: In the GetResolvedMethod function of entrypoint_utils-inl.h, there is a possible use after free due to a stale cache. This could lead to local information disclosure with no additional execution...

CVSS 5.5 · AI score 5.2 · EPSS 0.00157
Exploits 0 · References 6

Vulnrichment
added 2022/09/07 1:55 p.m. · 6 views

CVE-2022-31167 XWiki Platform Security Parent POM vulnerable to overwriting of security rules of a page with a final page having the same reference

XWiki Platform Security Parent POM contains the security APIs for XWiki Platform, a generic wiki platform. Starting with version 5.0 and prior to 12.10.11, 13.10.1, and 13.4.6, a bug in the security cache stores rules associated to document Page1.Page2 and space Page1.Page2 in the same cache entr...

CVSS 7.1 · AI score 7.1 · EPSS 0.00645
Exploits 1 · References 3

ATTACKERKB
added 2022/07/25 2:15 p.m. · 3 views

CVE-2022-1308

Use after free in BFCache in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8 · AI score 7.1 · EPSS 0.00777
Exploits 1 · References 4

Vulnrichment
added 2022/03/09 10:25 p.m. · 8 views

CVE-2022-24745 Guest session is shared between customers in shopware

Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions guest sessions are shared between customers when HTTP cache is enabled. This can lead to inconsistent experiences for guest users. Setups with Varnish are not affected b...

CVSS 4.8 · AI score 6.4 · EPSS 0.00511
Exploits 0 · References 1

OSV
added 2021/10/28 6:25 p.m. · 1 views

USN-5126-2 bind9 vulnerability

USN-5126-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Kishore Kumar Kothapalli discovered that Bind incorrectly handled the lame cache when processing responses. A remote attacker could possibl...

CVSS 5.3 · AI score 6.4 · EPSS 0.08001
Exploits 0 · References 2

OSV
added 2021/04/29 2:18 p.m. · 7 views

SUSE-SU-2021:1445-1 Security update for samba

This update for samba fixes the following issues: - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids (bsc#1184677). - Avoid free'ing our own pointer in memcache when memcache_trim attempts to reduce cache size (bsc#1179156). - Adjust smbcacls '--propagate-inheritance' feature to align with upstre...

CVSS 6.8 · AI score 6.9 · EPSS 0.01616
Exploits 0 · References 5

OSV
added 2021/04/29 11:00 a.m. · 3 views

SUSE-SU-2021:1438-1 Security update for samba

This update for samba fixes the following issues: - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids (bsc#1184677). - Avoid free'ing our own pointer in memcache when memcache_trim attempts to reduce cache size (bsc#1179156). - Adjust smbcacls '--propagate-inheritance' feature to align with upstre...

CVSS 6.8 · AI score 6.9 · EPSS 0.01616
Exploits 0 · References 5

CNNVD
added 2021/04/27 12:00 a.m. · 2 views

Apple macOS Security Vulnerability

Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in macOS due to the way Safari on macOS handles cache usage. The following products and versions are affected: macOS: 11.0 20A2411, 11.0.1 20B29, 11.0.1 20B50, 11.1 20C69, 11.2...

CVSS 4.3 · AI score 5.2 · EPSS 0.0084
Exploits 0 · References 5

OSV
added 2021/04/06 5:15 p.m. · 3 views

CVE-2021-24027

A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18 may have allowed a third party with access to the device’s external storage to read cached TLS material...

CVSS 7.5 · AI score 5.8 · EPSS 0.03805
Exploits 1 · References 1

OSV
added 2020/03/30 8:15 p.m. · 1 views

DEBIAN-CVE-2020-5255

In Symfony before versions 4.4.7 and 5.0.7, when a Response does not contain a Content-Type header, affected versions of Symfony can fallback to the format defined in the Accept header of the request, leading to a possible mismatch between the response's content and Content-Type header. When the...

CVSS 4.3 · AI score 4.9 · EPSS 0.01297
Exploits 0 · References 1

OSV
added 2019/03/12 3:16 p.m. · 1 views

GHSA-8554-JXCW-454Q Webargs mishandles concurrent JSON parsing

An issue was discovered in webargs before 5.1.3, as used with marshmallow and other products. JSON parsing uses a short-lived cache to store the parsed JSON body. This cache is not thread-safe, meaning that incorrect JSON payloads could have been parsed for concurrent requests...

CVSS 9.2 · AI score 7.1 · EPSS 0.0112
Exploits 1 · References 8

OSV
added 2019/02/19 5:29 p.m. · 2 views

UBUNTU-CVE-2019-5762

Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...

CVSS 8.8 · AI score 7.7 · EPSS 0.02697
Exploits 0 · References 2

NVD
added 2018/11/27 4:29 p.m. · 15 views

CVE-2018-11909

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /cache/ which presents a potential issue...

CVSS 7.8 · AI score 7.5 · EPSS 0.00162
Exploits 0 · References 2

OSV
added 2018/08/31 3:29 p.m. · 2 views

DEBIAN-CVE-2018-7685

The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download...

CVSS 7.8 · AI score 6.8 · EPSS 0.00286
Exploits 0 · References 1

OSV
added 2018/07/19 2:29 p.m. · 2 views

CVE-2018-5532

On F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 a domain name cached within the DNS Cache of TMM may continue to be resolved by the cache even after the parent server revokes the record, if the DNS Cache is receiving a stream of requests for the cached name...

CVSS 5.3 · AI score 5.8 · EPSS 0.01165
Exploits 0 · References 2

IBM Security Bulletins
added 2018/06/16 9:43 p.m. · 31 views

Security Bulletin: Multiple Vulnerabilities fixed in IBM Security Directory Server

Summary: Multiple Security Vulnerabilities fixed in the IBM Tivoli/Security Directory Server product. Vulnerability Details: CVEID: CVE-2015-1978. DESCRIPTION: IBM Security Directory Server is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker...

CVSS 7.8 · AI score 0.6 · EPSS 0.74006
Exploits 0 · Affected Software 1