2562 matches found
Race condition on timeWeightedWeeklyGlobalConcLiquidityLastSet_ can lead to incorrect rewards.
Lines of code Vulnerability details Impact timeWeightedWeeklyGlobalConcLiquidityLastSet is read and written in multiple functions. If two transactions call at similar times, the state updates could overwrite each other. The timeWeightedWeeklyGlobalConcLiquidityLastSet state variable is used in...
The vulnerability of the __ip_set_put_netlink() function in the net/netfilter/ipset/ip_set_core.c module of the netfilter kernel of the Linux operating system allows a hacker to induce a service failure.
The vulnerability of the ipsetputnetlink function in the net/netfilter/ipset/ipsetcore.c module of the netfilter component of the Linux operating system is related to concurrent access to resources race condition. Exploiting this vulnerability could allow a attacker to cause service interruptions...
Amazon Linux 2 : tomcat (ALASTOMCAT8.5-2023-011)
The version of tomcat installed on the remote host is prior to 8.5.58-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2TOMCAT8.5-2023-011 advisory. If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the...
FreeBSD : xrdp -- Improper handling of session establishment errors allows bypassing OS-level session restrictions (c9ff1150-5d63-11ee-bbae-1c61b4739ac9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c9ff1150-5d63-11ee-bbae-1c61b4739ac9 advisory. - xrdp is an open source remote desktop protocol RDP server. In versions prior to 0.9.23 improper...
Medium: tomcat
Issue Overview: If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made on that...
Denial Of Service
grpc is vulnerable to Denial Of Service. The vulnerability is due to improper error handling in TCP server which allows an attacker to initiate number of concurrent connections with the server leading to denial of service...
PT-2023-36020 · Spring · Spring
Name of the Vulnerable Software and Affected Versions: Spring versions affected versions not specified Description: The issue is related to a security exception in the org.springframework.expression.spel.ast.OpPlus.getValueInternal function. It involves the...
CVE-2022-4896
Cyber Control, in its 1.650 version, is affected by a vulnerability in the generation on the server of pop-up windows with the messages "PNTMEDIDAS", "PEDIR", "HAYDISCOA" or "SPOOLER". A complete denial of service can be achieved by sending multiple requests simultaneously on a core...
Mozilla: Memory corruption in IPC FilePickerShownCallback
The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...
Mozilla Firefox 资源管理错误漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox suffers from a Resource Management Error vulnerability that stems from the fact that when creating callbacks via IPC to display a file chooser window, multiple identical callbacks may be created at the same...
Mozilla Firefox 资源管理错误漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox suffers from a resource management error vulnerability that stems from the fact that when creating a callback to display a color picker window via IPC, multiple identical callbacks may be created...
The vulnerability of the idt77252_exit() function in the drivers/atm/idt77252.c file of the ATM network driver for the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the idt77252exit function in the drivers/atm/idt77252.c file of the ATM network driver for the Linux operating system is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the nft_chain_lookup_byid() function in the net/netfilter/nf_tables_api.c module of the Linux kernel’s netfilter packet filtering subsystem allows a attacker to escalate their privileges and compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nftchainlookupbyid function in the net/netfilter/nftablesapi.c module of the Linux kernel’s packet filtering subsystem is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker t...
SUSE-SU-2023:2917-1 Security update for SUSE Manager Client Tools
This update fixes the following issues: grafana: - Update to version 9.5.5: CVE-2023-3128: Fix authentication bypass using Azure AD OAuth bsc1212641, jscPED-3694 Bug fixes: Auth: Show invite button if disable login form is set to false. Azure: Fix Kusto auto-completion for Azure datasources. RBAC...
CVE-2023-21672
Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions...
Memory corruption
Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions...
CVE-2023-21672
CVE-2023-21672 is a memory corruption issue in Qualcomm Audio when concurrent tunnel playback or concurrent audio tunnel recording sessions occur. The vulnerability affects Qualcomm components (Audio) and has a high impact with local attack vector; CVSS details indicate high confidentiality, inte...
CVE-2023-21672 Use After Free in Audio
Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions...
PT-2023-18333 · Qualcomm · Snapdragon +51
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in the audio component when concurrent tunnel playback or audio tunnel recording sessions are running. This can...
Qualcomm Chipsets 资源管理错误漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption issue when running concurrent tunnel playback or concurrent audio tunnel recording...