Lucene search
K

2557 matches found

RedHat Linux
RedHat Linux
added 2021/10/28 7:52 a.m.6 views

tomcat: Apache Tomcat HTTP/2 Request mix-up

A flaw was found in Apache Tomcat. If an HTTP/2 client exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it is possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - fro...

4.3CVSS7.1AI score0.57286EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.2 views

The vulnerability of the dbus utility in the “Avrora” operating system allows a hacker to trigger the racing mode and perform a service denial.

The vulnerability of the dbus utility in the “Avrora” operating system is related to the simultaneous, numerous accesses by an application to the hardware components. Exploiting this vulnerability allows a perpetrator to trigger a race condition and cause a service failure by running multiple...

7.1CVSS5.5AI score
Exploits0Affected Software2
CNNVD
CNNVD
added 2021/10/19 12:0 a.m.9 views

FreeBSD 竞争条件问题漏洞

FreeBSD is a set of Unix-like operating systems from the Freebsd Foundation. FreeBSD suffers from a Competing Conditions Problem vulnerability that arises from improper handling of concurrent accesses during operation of a networked system or product where concurrent code requires mutually...

4.3CVSS5.2AI score0.00734EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/10/14 12:0 a.m.4 views

PT-2021-4740 · Apple · Webkit +1

Name of the Vulnerable Software and Affected Versions: Mac OS affected versions not specified Description: The issue is related to a module for displaying web pages in WebKit, which is part of the Mac OS operating system family. It involves the possibility of concurrent execution using a shared...

3.1CVSS5.7AI score0.01116EPSS
Exploits2References22
CNNVD
CNNVD
added 2021/10/12 12:0 a.m.4 views

Puma 环境问题漏洞

Puma is a web server for highly concurrent applications by Evan Phoenix, an individual developer in the United States. Puma is vulnerable to an environmental issue that arises from improper design or implementation during code development of a web system or product...

3.7CVSS7.1AI score0.01119EPSS
Exploits0References13
CNVD
CNVD
added 2021/09/23 12:0 a.m.18 views

Mozilla Rust Buffer Overflow Vulnerability (CNVD-2021-85300)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Mozilla Rust is vulnerable to a buffer overflow vulnerability that can be exploited by attackers to cause errors in data contention in concurrent programs...

8.1CVSS5.2AI score0.00766EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/09/05 12:0 a.m.3 views

Huawei HarmonyOS 竞争条件问题漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition issue vulnerability exists in Huawei HarmonyOS, which arises from improper handling of concurrent accesses when a component of the...

4.3CVSS5.2AI score0.00342EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2021/08/25 9:0 p.m.17 views

Data races in v9

Affected versions of this crate unconditionally implement Sync for SyncRef. This definition allows data races if &T is accessible through &SyncRef. SyncRef derives Clone and Debug, and the default implementations of those traits access &T by invoking T::clone & T::fmt. It is possible to create da...

6.9AI score
Exploits0References3Affected Software1
OSV
OSV
added 2021/08/25 9:0 p.m.23 views

GHSA-PFJQ-935C-4895 Data races in v9

Affected versions of this crate unconditionally implement Sync for SyncRef. This definition allows data races if &T is accessible through &SyncRef. SyncRef derives Clone and Debug, and the default implementations of those traits access &T by invoking T::clone & T::fmt. It is possible to create da...

8.1CVSS8AI score0.01059EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2021/08/25 9:0 p.m.12 views

Data races in tiny_future

tinyfuture contains a light-weight implementation of Futures. The Future type it has lacked bound on its Send and Sync traits. This allows for a bug where non-thread safe types such as Cell can be used in Futures and cause data races in concurrent programs. The flaw was corrected in commit c79191...

6.7AI score
Exploits0References5Affected Software1
OSV
OSV
added 2021/08/25 9:0 p.m.15 views

GHSA-M296-J53X-XV95 Data races in tiny_future

tinyfuture contains a light-weight implementation of Futures. The Future type it has lacked bound on its Send and Sync traits. This allows for a bug where non-thread safe types such as Cell can be used in Futures and cause data races in concurrent programs. The flaw was corrected in commit c79191...

8.1CVSS7.8AI score0.00766EPSS
Exploits0References5
OSV
OSV
added 2021/08/25 9:0 p.m.2 views

GHSA-VJ88-5667-W56P Singleton lacks bounds on Send and Sync.

Singleton is meant to be a static object that can be initialized lazily. In order to satisfy the requirement that static items must implement Sync, Singleton implemented both Sync and Send unconditionally. This allows for a bug where non-Sync types such as Cell can be used in singletons and cause...

6.9AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2021/08/25 9:0 p.m.17 views

Singleton lacks bounds on Send and Sync.

Singleton is meant to be a static object that can be initialized lazily. In order to satisfy the requirement that static items must implement Sync, Singleton implemented both Sync and Send unconditionally. This allows for a bug where non-Sync types such as Cell can be used in singletons and cause...

1.4AI score
Exploits0References3Affected Software1
OSV
OSV
added 2021/08/25 8:59 p.m.2 views

GHSA-JWPH-QP5H-F9WJ Data races in bunch

An issue was discovered in the bunch crate through 2020-11-12 for Rust. Affected versions of this crate unconditionally implements Send/Sync for Bunch. This allows users to insert T: !Sync to Bunch. It is possible to create a data race to a T: !Sync by invoking the Bunch::get API which returns &T...

8.1CVSS7.1AI score0.01249EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2021/08/25 8:59 p.m.32 views

Data races in async-coap

An issue was discovered in the async-coap crate through 2020-12-08 for Rust. Affected versions of this crate implement Send/Sync for ArcGuard with no trait bounds on RC. This allows users to send RC: !Send to other threads and also allows users to concurrently access Rc: !Sync from multiple...

8.1CVSS8AI score0.00766EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2021/08/25 8:58 p.m.23 views

Data race in tiny_future

tinyfuture contains a light-weight implementation of Futures. The Future type it has lacked bound on its Send and Sync traits. This allows for a bug where non-thread safe types such as Cell can be used in Futures and cause data races in concurrent programs. The flaw was corrected in commit c79191...

8.1CVSS7.7AI score0.00766EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2021/08/25 8:58 p.m.20 views

GHSA-FG42-VWXX-XX5J Data race in tiny_future

tinyfuture contains a light-weight implementation of Futures. The Future type it has lacked bound on its Send and Sync traits. This allows for a bug where non-thread safe types such as Cell can be used in Futures and cause data races in concurrent programs. The flaw was corrected in commit c79191...

8.1CVSS7.8AI score0.00766EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2021/08/25 8:58 p.m.23 views

Data race in ruspiro-singleton

Singleton is meant to be a static object that can be initialized lazily. In order to satisfy the requirement that static items must implement Sync, Singleton implemented both Sync and Send unconditionally. This allows for a bug where non-Sync types such as Cell can be used in singletons and cause...

8.1CVSS7.6AI score0.00766EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2021/08/25 8:58 p.m.14 views

GHSA-FQQ2-XP7M-XVM8 Data race in ruspiro-singleton

Singleton is meant to be a static object that can be initialized lazily. In order to satisfy the requirement that static items must implement Sync, Singleton implemented both Sync and Send unconditionally. This allows for a bug where non-Sync types such as Cell can be used in singletons and cause...

8.1CVSS7.8AI score0.00766EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2021/08/25 8:57 p.m.32 views

Data races in parc

In the affected versions of this crate, LockWeak unconditionally implemented Send with no trait bounds on T. LockWeak doesn't own T and only provides &T. This allows concurrent access to a non-Sync T, which can cause undefined behavior like data races...

8.1CVSS7.7AI score0.00833EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder