Apache Answer Race Condition Vulnerability
Apache Answer is a community platform of the Apache USA Foundation. Apache Answer 1.2.1 and prior versions suffer from a race condition vulnerability, which arises from improper handling of concurrent access when concurrent code requires mutually exclusive access to shared resources during...
SUSE SLES12: postgresql13 / postgresql13-contrib / postgresql13-devel / etc (SUSE-SU-2024:0541-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0541-1 advisory. Upgrade to 13.14: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY (bsc#1219679). Tenable has...
Exploit for Path Traversal in Jenkins
CVE-2024-23897: Jenkins Arbitrary File Read Vulnerability Lead...
Exploit for PHP External Variable Modification in Juniper Junos
CVE-2023-36845 This script provides an automated Proof of C...
postgresql-server -- non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL
PostgreSQL Project reports: One step of a concurrent refresh command was run under weak security restrictions. If a materialized view's owner could persuade a superuser or other high-privileged user to perform a concurrent refresh on that view, the view's owner could control code executed with th...
No License consumption after changing the License type
After changing the License type to concurrent, the Licenses were not consumed. License usage showed as 0 Used...
The vulnerability of the amdgpu_cs_wait_all_fences() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c driver for AMD Radeon graphics cards in the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the amdgpu_cs_wait_all_fences() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c driver for AMD Radeon graphics cards in the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability...
Proxmox VE - TOTP Brute Force
Exploit Title: Proxmox VE TOTP Brute Force Date: 09/23/2023 Exploit Author: Cory Cline, Gabe Rust Vendor Homepage: https://www.proxmox.com/en/ Software Link: http://download.proxmox.com/iso/ Version: 5.4 - 7.4-1 Tested on: Debian CVE : CVE-2023-43320 import time import requests import urllib.pars...
CVE-2024-21601
A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the Flow-processing Daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). On SRX Series devices when t...
Race condition
A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the Flow-processing Daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). On SRX Series devices when t...
GHSA-F899-4MR4-FQPV Apache Answer Race Condition vulnerability
Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarke...
CVE-2023-49619
Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarke...
Race condition
Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarke...
CVE-2023-49619 Apache Answer: Repeated submissions using scripts resulted in an abnormal number of collections for questions.
Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarke...
The vulnerability of the bt_sock_recvmsg() function in the net/bluetooth/af_bluetooth.c module of the Linux kernel Bluetooth driver allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the bt_sock_recvmsg() function in the net/bluetooth/af_bluetooth.c module of the Linux kernel’s Bluetooth driver is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the do_vcc_ioctl() function in the net/atm/ioctl.c module, which implements the ATM network protocol in the Linux operating system’s kernel, allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the do_vcc_ioctl() function in the net/atm/ioctl.c module, which implements the ATM network protocol in the Linux operating system, is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attack...
The vulnerability of the atalk_ioctl() function in the net/appletalk/ddp.c module, which is part of the AppleTalk protocol implementation in the Linux kernel, allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the atalk_ioctl() function in the net/appletalk/ddp.c module, which implements the AppleTalk protocol in the Linux kernel, is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to...
AZL-32284 CVE-2023-6546 affecting package kernel for versions less than 5.15.148.1-1
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...
Denial Of Service (DoS)
apachesuperset is vulnerable to Denial Of Service (DoS). The vulnerability is caused by a lack of rate limiting in the API and dashboard functionalities. An attacker with authenticated access could exploit this vulnerability by initiating multiple concurrent requests for dashboard exports. This can...
Apache Superset Allocation of Resources Without Limits or Throttling vulnerability
An authenticated malicious user could initiate multiple concurrent requests, each requesting multiple dashboard exports, leading to a possible denial of service. This issue affects Apache Superset: before 3.0.0...