53 matches found
CVE-2022-48658
In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flushcpuslab/freeslab invocations in task context. Commit 5a836bf6b09f "mm: slub: move flushcpuslab invocations freeslab invocations out of IRQ context" moved all flushcpuslab invocations to the global workqueue to...
CVE-2022-48658
In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flushcpuslab/freeslab invocations in task context. Commit 5a836bf6b09f "mm: slub: move flushcpuslab invocations freeslab invocations out of IRQ context" moved all flushcpuslab invocations to the global workqueue to...
CVE-2022-48658 mm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context.
In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flushcpuslab/freeslab invocations in task context. Commit 5a836bf6b09f "mm: slub: move flushcpuslab invocations freeslab invocations out of IRQ context" moved all flushcpuslab invocations to the global workqueue to...
CVE-2022-48658 mm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context.
In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flushcpuslab/freeslab invocations in task context. Commit 5a836bf6b09f "mm: slub: move flushcpuslab invocations freeslab invocations out of IRQ context" moved all flushcpuslab invocations to the global workqueue to...
CVE-2024-29151
Rocket.Chat.Audit through 5ad78e8 depends on filecachetools, which does not exist in PyPI...
`claim` is Unmaintained
The last release was in February 2021, almost two years ago. The maintainer has been unresponsive regarding this crate for over a year. A pending issue with claim's dependencies has made the crate difficult to use. Possible Alternatives The below list has not been vetted in any way and may or may...
GHSA-9F3P-WVJ7-Q82X Cargo prior to Rust 1.26.0 may download the wrong dependency
Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the package configuration key. Usage of the package key to rename dependencies in Cargo.toml is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency,...
br.net.woodstock.rockframework:rockframework-web (>=1.2.1 <=1.2.2), com.cybersource:cybersource-sdk-java (>=6.0.1 <=6.1.0) +333 more potentially affected by CVE-2015-0226 via org.apache.ws.security:wss4j (>=1.5.2 <=1.6.16)
org.apache.ws.security:wss4j MAVEN version =1.5.2, =1.2.1, =6.0.1, =1.0, =1.0.1, =1.1.0.Beta5, =1.1.0.Beta5, =1.1.0.Beta5, =1.1.0.Beta1, =1.0.0, =1.2.0 and more Source cves: CVE-2015-0226 Source advisory: OSV:GHSA-VJWC-5HFH-2VV5...
com.redhat.rhevm.api:rhevm-api (>=0.1-milestone <=1.0-rc1.21), com.redhat.rhevm.api:rhevm-api-cli-actions (>=0.9-milestone1 <=0.9-milestone-4.4) +21 more potentially affected by CVE-2018-1051 via org.jboss.resteasy:resteasy-yaml-provider (>=2.0-RC1 <=3.0.24.Final)
org.jboss.resteasy:resteasy-yaml-provider MAVEN version =2.0-RC1, =0.1-milestone, =0.9-milestone1, =0.1-milestone, =0.1-milestone, =0.9-milestone1, =0.1-milestone, =0.1-milestone, =0.9-milestone1, =0.9-milestone3, =0.9-milestone1, =0.9-milestone1, =0.9-milestone3, =0.9-milestone1, =0.1-milestone,...
lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-21732 via tensorflow-cpu (=2.7.0)
tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-21732 Source advisory: OSV:GHSA-C582-C96P-R5CQ...
GSD-2022-1000007 colors.js 1.4.1 has an infinite loop added by the primary developer
colors.js had an infinite loop added by the primary developer in version 1.4.1 and 6.6.6 which was released on GitHub and NPM which reports it as having 3,179 dependent packages that rely upon it. Additionally the GitHub repo was wiped of all files. This appears to have been done intentionally in...
SUSE: Security Advisory (SUSE-SU-2016:0164-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0355-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
grub2: Use-after-free in rmmod command
A flaw was found in grub2. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The...
SUSE-SU-2020:1179-1 Security update for rmt-server
This update for rmt-server to version 2.5.7 fixes the following issues: Security issues fixed: - CVE-2019-18904: Fixed offline migrations bsc1160922. - Fixed a local denial of service bsc1165548. Non-security issues fixed: - Align supported subscription types with SCC bsc1168554. - Fix migrations...
openSUSE Security Update : pcp (openSUSE-2020-213)
This update for pcp fixes the following issues : Security issue fixed : - CVE-2019-3695: Fixed a local privilege escalation of the pcp user during package update bsc1152763. Non-security issue fixed : - Fixed an dependency issue with pcp2csv bsc1129991. This update was imported from the...
OPENSUSE-SU-2020:0213-1 Security update for pcp
This update for pcp fixes the following issues: Security issue fixed: - CVE-2019-3695: Fixed a local privilege escalation of the pcp user during package update bsc1152763. Non-security issue fixed: - Fixed an dependency issue with pcp2csv bsc1129991. This update was imported from the...
Security update for pcp (important)
openSUSE Security Update: Security update for pcp Announcement ID: openSUSE-SU-2020:0213-1 Rating: important References: 1129991 1152763 1153921 Cross-References: CVE-2019-3695 CVE-2019-3696 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one errata is now...
SUSE SLED15 / SLES15 Security Update : pcp (SUSE-SU-2020:0357-1)
This update for pcp fixes the following issues : Security issue fixed : CVE-2019-3696: Fixed a local privilege escalation in migratetempdirs bsc1153921. CVE-2019-3695: Fixed a local privilege escalation of the pcp user during package update bsc1152763. Non-security issue fixed : Fixed an dependen...
SUSE SLED15 / SLES15 Security Update : pcp (SUSE-SU-2020:0355-1)
This update for pcp fixes the following issues : Security issue fixed : CVE-2019-3695: Fixed a local privilege escalation of the pcp user during package update bsc1152763. Non-security issue fixed : Fixed an dependency issue with pcp2csv bsc1129991. Note that Tenable Network Security has extracte...