CVE-2021-2295

Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite component: BI Publisher Integration. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Concurrent...

SUSE: Security Advisory (SUSE-SU-2020:3024-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2024-11070 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition exists between a task aborting a transaction during a commit, a task doing an fsync, and the transaction kthread, leading to a use-after-free of the log root tree. Thi...

CVE-2021-28938

Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-21.6, 7.10.x before 7.10.2-22.2, and 7.11.x before 7.11.2-23.0 can leak user information across thread contexts. This occurs in opportunistic circumstances when there is concurrent query...

CVE-2021-28938

Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-21.6, 7.10.x before 7.10.2-22.2, and 7.11.x before 7.11.2-23.0 can leak user information across thread contexts. This occurs in opportunistic circumstances when there is concurrent query...

Design/Logic Flaw

Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-21.6, 7.10.x before 7.10.2-22.2, and 7.11.x before 7.11.2-23.0 can leak user information across thread contexts. This occurs in opportunistic circumstances when there is concurrent query...

CVE-2021-28938

Siren Federate contains a cross-context information leak vulnerability affecting multiple versions: 6.8.14-10.3.9, 6.9.x–7.6.x, 7.7.x–7.9.x, 7.10.x–7.11.x, and 7.11.x. In concurrent query execution by a low-privilege and a high-privilege user, the former may run with the latter's privileges, leak...

CVE-2021-28938

Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-21.6, 7.10.x before 7.10.2-22.2, and 7.11.x before 7.11.2-23.0 can leak user information across thread contexts. This occurs in opportunistic circumstances when there is concurrent query...

Siren Federate 安全漏洞

Siren Federate is an application from Siren Ireland. It extends the Elasticsearch API to add high performance and scalable joins. A security vulnerability exists in Siren Federate that discloses user information across thread contexts when a low-privileged user and a high-privileged user execute...

CVE-2020-11231

Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lead to heap corruption in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...

sanlock bug fix and enhancement update

The sanlock packages provide a shared storage lock manager. Hosts with shared access to a block device or a file can use sanlock to synchronize their activities. VDSM and libvirt use sanlock to synchronize access to shared devices or files. Bug Fixes and Enhancements: Support 50 concurrent...

ALBA-2021:1090 sanlock bug fix and enhancement update

The sanlock packages provide a shared storage lock manager. Hosts with shared access to a block device or a file can use sanlock to synchronize their activities. VDSM and libvirt use sanlock to synchronize access to shared devices or files. Bug Fixes and Enhancements: Support 50 concurrent...

CVE-2021-1281

A vulnerability in CLI management in Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system as the root user. This vulnerability is due to the way the software handles concurrent CLI sessions. An attacker could exploit this vulnerabilit...

CVE-2021-1281 Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in CLI management in Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system as the root user. This vulnerability is due to the way the software handles concurrent CLI sessions. An attacker could exploit this vulnerabilit...

Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in CLI management in Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system as the root user. This vulnerability is due to the way the software handles concurrent CLI sessions. An attacker could exploit this vulnerabilit...

Cisco IOS XE SD-WAN Software 资源管理错误漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. An elevation of privilege vulnerability exists in the CLI management for SD-WAN in Cisco IOS XE. The vulnerability stems from a problem with the way the software handles concurren...

NETGEAR JGS516PE/GS116Ev2 Denial of Service Vulnerability

The NETGEAR JGS516PE/GS116Ev2 is a 16-port Gigabit Smart Managed Plus switch. A denial of service vulnerability exists in the NETGEAR JGS516PE/GS116Ev2 version 2.6.0.43. The vulnerability stems from the TFTP server not being able to handle multiple connections. An attacker could exploit the...

CVE-2020-35233

The TFTP server fails to handle multiple connections on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices, and allows external attackers to force device reboots by sending concurrent connections, aka a denial of service attack...

Apache Oozie Competitive Conditions Vulnerability

Apache Oozie is an Apache Apache open source application. Provides a workflow scheduler system for managing Apache Hadoop job functions. Apache Oozie in version 5.2.1 before the existence of a security vulnerability , the vulnerability stems from the network system or product in the operation of...