Lucene search
K

2567 matches found

Veracode
Veracode
added 2024/08/27 7:41 a.m.6 views

Denial Of Service (DOS)

github.com/mattermost/mattermost-plugin-channel-export is vulnerable to Denial Of Service DOS. The vulnerability is caused due to a failure to restrict concurrent runs of the /export command. The can allow an attacker to consume excessive resource by running the /export command multiple times at...

4.3CVSS6.8AI score0.00434EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/08/26 11:15 a.m.1 views

DEBIAN-CVE-2024-44935

In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseportaddsock. syzbot reported a null-ptr-deref while accessing sk2-skreuseportcb in reuseportaddsock. 0 The repro first creates a listener with SOREUSEPORT. Then, it creates another listener on the...

5.5CVSS5.6AI score0.00226EPSS
Exploits0References1
OSV
OSV
added 2024/08/26 11:15 a.m.10 views

AZL-48662 CVE-2024-43892 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to memcgroupidr Commit 73f576c04b94 "mm: memcontrol: fix cgroup creation failure after many small jobs" decoupled the memcg IDs from the CSS ID space to fix the cgroup creation failures. It...

4.7CVSS6.4AI score0.00229EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/08/26 11:15 a.m.16 views

CVE-2024-44935

In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseportaddsock. syzbot reported a null-ptr-deref while accessing sk2-skreuseportcb in reuseportaddsock. 0 The repro first creates a listener with SOREUSEPORT. Then, it creates another listener on the...

5.5CVSS6.3AI score0.00226EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2024/08/26 11:15 a.m.14 views

CVE-2024-43892

In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to memcgroupidr Commit 73f576c04b94 "mm: memcontrol: fix cgroup creation failure after many small jobs" decoupled the memcg IDs from the CSS ID space to fix the cgroup creation failures. It...

4.7CVSS6.5AI score0.00229EPSS
Exploits0References27
OSV
OSV
added 2024/08/26 11:15 a.m.5 views

UBUNTU-CVE-2024-44935

In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseportaddsock. syzbot reported a null-ptr-deref while accessing sk2-skreuseportcb in reuseportaddsock. 0 The repro first creates a listener with SOREUSEPORT. Then, it creates another listener on the...

5.5CVSS6.1AI score0.00226EPSS
Exploits0References26
OSV
OSV
added 2024/08/26 11:15 a.m.4 views

UBUNTU-CVE-2024-43892

In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to memcgroupidr Commit 73f576c04b94 "mm: memcontrol: fix cgroup creation failure after many small jobs" decoupled the memcg IDs from the CSS ID space to fix the cgroup creation failures. It...

4.7CVSS6.2AI score0.00229EPSS
Exploits0References28
CVE
CVE
added 2024/08/26 10:10 a.m.201 views

CVE-2024-43892

The CVE-2024-43892 entry concerns a race in the Linux kernel memcg subsystem: concurrent idr_remove() calls for mem_cgroup_idr could race with idr_alloc()/idr_replace() and lead to multiple memcgs obtaining the same ID, which in turn can destabilize memcg-related structures and trigger crashes in...

4.7CVSS7.2AI score0.00229EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/26 12:0 a.m.5 views

The vulnerability of the Garbage Collector component of the Mozilla Firefox browser, which allows a hacker to execute arbitrary code.

The vulnerability of the Garbage Collector component in the Mozilla Firefox browser is related to the use of memory after it is freed, as a result of the simultaneous loading of the browser’s own global execution environment and the “garbage collection” process. Exploiting this vulnerability can...

10CVSS8.1AI score0.0036EPSS
Exploits0References11Affected Software3
CNNVD
CNNVD
added 2024/08/26 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from unprotected concurrent access when accessing memcgroupidr, leading to a potentially competitive condition...

4.7CVSS6.6AI score0.00229EPSS
Exploits0References6
NVD
NVD
added 2024/08/23 8:15 a.m.11 views

CVE-2024-43105

Mattermost Plugin Channel Export versions =1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once...

4.3CVSS0.00434EPSS
Exploits0References1
OSV
OSV
added 2024/08/23 8:15 a.m.1 views

CVE-2024-43105

Mattermost Plugin Channel Export versions =1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once...

4.3CVSS5.8AI score
Exploits0References1
CVE
CVE
added 2024/08/23 7:25 a.m.48 views

CVE-2024-43105

Mattermost Plugin Channel Export (github.com/mattermost/mattermost-plugin-channel-export) is affected: versions ≤ 1.0.0 do not correctly restrict concurrent /export executions, enabling a user to initiate multiple simultaneous runs and cause resource exhaustion. Root cause: lack of concurrency co...

4.3CVSS4.8AI score0.00434EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/08/23 12:0 a.m.2 views

Mattermost plugin Channel Export 安全漏洞

Mattermost Plugin Channel Export is a plugin from Mattermost USA. A security vulnerability exists in Mattermost plugin Channel Export version 1.0.0 and prior versions, which stems from an inability to limit concurrent runs of the /export command. An attacker can use this vulnerability to consume...

4.3CVSS6.7AI score0.00434EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/23 12:0 a.m.4 views

PT-2024-30297 · Mattermost · Mattermost Plugin Channel Export

Name of the Vulnerable Software and Affected Versions: Mattermost Plugin Channel Export versions = 1.0.0 Description: The issue allows a user to consume excessive resources by running the /export command multiple times at once, due to the failure to restrict concurrent runs of the command. This c...

4.3CVSS7.2AI score0.00434EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2024/08/22 3:31 a.m.13 views

CVE-2022-48941

In the Linux kernel, the following vulnerability has been resolved: ice: fix concurrent reset and removal of VFs Commit c503e63200c6 "ice: Stop processing VF messages during teardown" introduced a driver state flag, ICEVFDEINITINPROGRESS, which is intended to prevent some issues with concurrently...

4.7CVSS5.8AI score0.00164EPSS
Exploits0
CNNVD
CNNVD
added 2024/08/22 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that if snapshot deletion and balancing operations are run concurrently in a production environment...

5.5CVSS6.2AI score0.0021EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2024/08/18 2:2 a.m.2 views

SUSE CVE-2024-42302

In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpchandler awaits readiness of the seconda...

5.5CVSS6.3AI score0.00228EPSS
Exploits0References14
OSV
OSV
added 2024/08/17 10:15 a.m.2 views

UBUNTU-CVE-2024-43856

In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmamfreecoherent dmamfreecoherent frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devresdestroy to remove and free the data structure used to track the DMA allocation...

5.5CVSS6.1AI score0.00398EPSS
Exploits0References31
OSV
OSV
added 2024/08/17 10:15 a.m.1 views

UBUNTU-CVE-2024-43849

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locatoraddr with the main mutex If the service locator server is restarted fast enough, the PDR can rewrite locatoraddr fields concurrently. Protect them by placing modification of those fields under the...

5.5CVSS6AI score0.00164EPSS
Exploits0References19
Rows per page
Query Builder