Lucene search

2562 matches found

Code423n4
added 2023/10/06 12:0 a.m. · 7 views

Race condition on timeWeightedWeeklyGlobalConcLiquidityLastSet_ can lead to incorrect rewards.

Lines of code / Vulnerability details / Impact: timeWeightedWeeklyGlobalConcLiquidityLastSet is read and written in multiple functions. If two transactions call at similar times, the state updates could overwrite each other. The timeWeightedWeeklyGlobalConcLiquidityLastSet state variable is used in...

7 AI score
Exploits: 0
BDU FSTEC
added 2023/09/29 12:0 a.m. · 7 views

The vulnerability of the __ip_set_put_netlink() function in the net/netfilter/ipset/ip_set_core.c module of the netfilter kernel of the Linux operating system allows a hacker to induce a service failure.

The vulnerability of the __ip_set_put_netlink() function in the net/netfilter/ipset/ip_set_core.c module of the netfilter component of the Linux operating system is related to concurrent access to resources (race condition). Exploiting this vulnerability could allow an attacker to cause service interruptions...

4.7 CVSS · 6.4 AI score · 0.00277 EPSS
Exploits: 1 · References: 14 · Affected Software: 4
Tenable Nessus
added 2023/09/27 12:0 a.m. · 23 views

Amazon Linux 2 : tomcat (ALASTOMCAT8.5-2023-011)

The version of tomcat installed on the remote host is prior to 8.5.58-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2TOMCAT8.5-2023-011 advisory. If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the...

4.3 CVSS · 6.9 AI score · 0.57286 EPSS
Exploits: 0 · References: 4
Tenable Nessus
added 2023/09/27 12:0 a.m. · 19 views

FreeBSD : xrdp -- Improper handling of session establishment errors allows bypassing OS-level session restrictions (c9ff1150-5d63-11ee-bbae-1c61b4739ac9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c9ff1150-5d63-11ee-bbae-1c61b4739ac9 advisory. - xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper...

6.5 CVSS · 5.7 AI score · 0.00728 EPSS
Exploits: 0 · References: 4
Amazon
added 2023/09/25 12:0 a.m. · 4 views

Medium: tomcat

Issue Overview: If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made on that...

4.3 CVSS · 6.8 AI score · 0.57286 EPSS
Exploits: 0
Veracode
added 2023/09/20 10:46 a.m. · 40 views

Denial Of Service

grpc is vulnerable to Denial Of Service. The vulnerability is due to improper error handling in the TCP server, which allows an attacker to initiate a number of concurrent connections with the server, leading to denial of service...

7.5 CVSS · 6.6 AI score · 0.00666 EPSS
Exploits: 0 · References: 6 · Affected Software: 2
Positive Technologies
added 2023/09/18 12:0 a.m. · 6 views

PT-2023-36020 · Spring · Spring

Name of the Vulnerable Software and Affected Versions: Spring (affected versions not specified). Description: The issue is related to a security exception in the org.springframework.expression.spel.ast.OpPlus.getValueInternal function. It involves the...

7 AI score
Exploits: 0 · References: 2
OSV
added 2023/09/12 8:15 a.m. · 2 views

CVE-2022-4896

Cyber Control, in its 1.650 version, is affected by a vulnerability in the generation on the server of pop-up windows with the messages "PNTMEDIDAS", "PEDIR", "HAYDISCOA" or "SPOOLER". A complete denial of service can be achieved by sending multiple requests simultaneously on a core...

7.5 CVSS · 5.8 AI score
Exploits: 0 · References: 1
RedHat Linux
added 2023/09/04 4:0 p.m. · 2 views

Mozilla: Memory corruption in IPC FilePickerShownCallback

The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...

6.5 CVSS · 7.2 AI score · 0.00571 EPSS
Exploits: 0 · References: 5
CNNVD
added 2023/08/30 12:0 a.m. · 4 views

Mozilla Firefox Resource Management Error Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox suffers from a Resource Management Error vulnerability that stems from the fact that when creating callbacks via IPC to display a file chooser window, multiple identical callbacks may be created at the same...

6.5 CVSS · 7.4 AI score · 0.00571 EPSS
Exploits: 0 · References: 16
CNNVD
added 2023/08/30 12:0 a.m. · 4 views

Mozilla Firefox Resource Management Error Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox suffers from a resource management error vulnerability that stems from the fact that when creating a callback to display a color picker window via IPC, multiple identical callbacks may be created...

6.5 CVSS · 7.4 AI score · 0.00571 EPSS
Exploits: 0 · References: 16
BDU FSTEC
added 2023/08/01 12:0 a.m. · 3 views

The vulnerability of the idt77252_exit() function in the drivers/atm/idt77252.c file of the ATM network driver for the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the idt77252_exit() function in the drivers/atm/idt77252.c file of the ATM network driver for the Linux operating system is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to...

7 CVSS · 6.6 AI score · 0.00405 EPSS
Exploits: 1 · References: 27 · Affected Software: 3
BDU FSTEC
added 2023/07/21 12:0 a.m. · 3 views

The vulnerability of the nft_chain_lookup_byid() function in the net/netfilter/nf_tables_api.c module of the Linux kernel’s netfilter packet filtering subsystem allows an attacker to escalate their privileges and compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the nft_chain_lookup_byid() function in the net/netfilter/nf_tables_api.c module of the Linux kernel’s packet filtering subsystem is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker t...

7.8 CVSS · 6.5 AI score · 0.02163 EPSS
Exploits: 0 · References: 15 · Affected Software: 5
OSV
added 2023/07/20 9:50 a.m. · 7 views

SUSE-SU-2023:2917-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: grafana: Update to version 9.5.5: CVE-2023-3128: Fix authentication bypass using Azure AD OAuth (bsc#1212641, jsc#PED-3694). Bug fixes: Auth: Show invite button if disable login form is set to false. Azure: Fix Kusto auto-completion for Azure datasources. RBAC...

9.8 CVSS · 8.5 AI score · 0.04094 EPSS
Exploits: 1 · References: 7
NVD
added 2023/07/04 5:15 a.m. · 19 views

CVE-2023-21672

Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions...

8.4 CVSS · 8.6 AI score · 0.00111 EPSS
Exploits: 0 · References: 1
Prion
added 2023/07/04 5:15 a.m. · 14 views

Memory corruption

Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions...

4.3 CVSS · 7.8 AI score · 0.00111 EPSS
Exploits: 0 · References: 1
CVE
added 2023/07/04 4:46 a.m. · 113 views

CVE-2023-21672

CVE-2023-21672 is a memory corruption issue in Qualcomm Audio when concurrent tunnel playback or concurrent audio tunnel recording sessions occur. The vulnerability affects Qualcomm components (Audio) and has a high impact with local attack vector; CVSS details indicate high confidentiality, inte...

8.4 CVSS · 8.1 AI score · 0.00111 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist
added 2023/07/04 4:46 a.m. · 25 views

CVE-2023-21672 Use After Free in Audio

Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions...

8.4 CVSS · 8.8 AI score · 0.00111 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2023/07/04 12:0 a.m. · 5 views

PT-2023-18333 · Qualcomm · Snapdragon +51

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in the audio component when concurrent tunnel playback or audio tunnel recording sessions are running. This can...

8.4 CVSS · 6.8 AI score · 0.00111 EPSS
Exploits: 0 · References: 3
CNNVD
added 2023/07/04 12:0 a.m. · 5 views

Qualcomm Chipsets Resource Management Error Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption issue when running concurrent tunnel playback or concurrent audio tunnel recording...

8.4 CVSS · 7.4 AI score · 0.00111 EPSS
Exploits: 0 · References: 3