Lucene search
K

2562 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.2 views

SUSE CVE-2005-3510

Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service CPU consumption via a large number of simultaneous requests to list a web directory that has a large number of files...

5CVSS6.9AI score0.05954EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.1 views

SUSE CVE-2010-0172

toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorizati...

4.3CVSS9AI score0.01413EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.3 views

SUSE CVE-2011-1486

libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service crash by causing multiple threads to report errors at the same time...

3.3CVSS6.9AI score0.01199EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:5 a.m.4 views

SUSE CVE-2016-2774

ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service INSIST assertion failure or request-processing outage by establishing many sessions...

5.9CVSS8.5AI score0.73622EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.3 views

SUSE CVE-2016-5242

The p2mteardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service NULL pointer dereference and host OS crash by creating concurrent domains and holding references to them, related to VMID exhaustion...

5.6CVSS6.2AI score0.00342EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:56 a.m.4 views

SUSE CVE-2016-8745

A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn...

7.5CVSS9.4AI score0.16038EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.1 views

SUSE CVE-2017-10913

The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1...

8.1CVSS9.1AI score0.02815EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:41 a.m.4 views

SUSE CVE-2017-12836

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."...

5CVSS8.7AI score0.05968EPSS
Exploits1References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:27 a.m.4 views

SUSE CVE-2018-10902

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...

7CVSS7.6AI score0.00519EPSS
Exploits0References30
SUSE CVE
SUSE CVE
added 2023/02/15 4:22 a.m.2 views

SUSE CVE-2018-19364

hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to for example a use-after-free outcome...

5.3CVSS6.9AI score0.0053EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2023/02/15 4:7 a.m.1 views

SUSE CVE-2019-17185

In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BNCTX instance to handle all handshakes. This mean multiple threads use the same BNCTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a...

7.5CVSS9.2AI score0.02168EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.4 views

SUSE CVE-2020-13943

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made on that connection could...

5.3CVSS6.8AI score0.57286EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.3 views

SUSE CVE-2020-15586

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...

7.5CVSS7.3AI score0.02893EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.3 views

SUSE CVE-2020-35513

A flaw incorrect umask during file or directory modification in the Linux kernel NFS network file system functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. A user with...

4.4CVSS6.1AI score0.01347EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.4 views

SUSE CVE-2021-22897

curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPTSSLCIPHERLIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising...

5.3CVSS6.7AI score0.02979EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.2 views

SUSE CVE-2022-22677

A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call...

4.3CVSS6.2AI score0.00633EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.3 views

SUSE CVE-2022-40960

Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...

6.5CVSS8.9AI score0.00947EPSS
Exploits0References8
NVD
NVD
added 2023/02/08 5:15 a.m.49 views

CVE-2023-0739

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' in GitHub repository answerdev/answer prior to 1.0.4...

8.1CVSS7AI score0.0069EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/02/08 12:0 a.m.47 views

CVE-2023-0739 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in answerdev/answer

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' in GitHub repository answerdev/answer prior to 1.0.4...

8.1CVSS6.9AI score0.0069EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/02/08 12:0 a.m.7 views

PT-2023-16492 · Answerdev · Answer

Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.4 Description: The issue is related to a Race Condition, which occurs due to concurrent execution using a shared resource with improper synchronization. This problem is identified in the GitHub repositor...

8.1CVSS8.3AI score0.0069EPSS
Exploits1References10
Rows per page
Query Builder