CVE-2020-8934

The Site Kit by Google plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to, and including, 1.8.0 This is due to the lack of capability checks on the adminenqueuescripts action which displays the connection key. This makes it possible for authenticated attacker...

OpenJDK: incorrect enqueue of references in garbage collector (8298191)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

OpenJDK: incorrect enqueue of references in garbage collector (8298191)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

OpenJDK: incorrect enqueue of references in garbage collector (8298191)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

OpenJDK: incorrect enqueue of references in garbage collector (8298191)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

OpenJDK: incorrect enqueue of references in garbage collector (8298191)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

OpenJDK: incorrect enqueue of references in garbage collector (8298191)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

OpenJDK: incorrect enqueue of references in garbage collector (8298191)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

OpenJDK: incorrect enqueue of references in garbage collector (8298191)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

SUSE CVE-2017-18183

An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter::enqueueObject function in libqpdf/QPDFWriter.cc...

OESA-2023-1074 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: atmtcenqueue in net/sched/schatm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion non-negative numbers can sometimes indicate a TCACTSHOT condition rather than valid...

OESA-2023-1072 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via...

Denial Of Service (DoS)

Linux kernel is vulnerable to Denial Of Service DoS. The vulnerability exists through use after free in the networking code because the schsfb enqueue function used the socket buffer SKB cb field after the same SKB had been enqueued and freed into a child qdisc, allowing an attacker to cause an...

UBUNTU-CVE-2023-23455

atmtcenqueue in net/sched/schatm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion non-negative numbers can sometimes indicate a TCACTSHOT condition rather than valid classification results...

Ubuntu 22.10 : Linux kernel vulnerabilities (USN-5793-3)

The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5793-3 advisory. It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free...

Ubuntu 22.10 : Linux kernel (IBM) vulnerabilities (USN-5793-4)

The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5793-4 advisory. It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free...

Ubuntu 22.10 : Linux kernel vulnerabilities (USN-5793-1)

The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5793-1 advisory. It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free...

OracleVM 3.4 : kernel-uek (OVMSA-2023-0001)

The remote OracleVM system is missing necessary patches to address security updates: - An issue was found in the Linux kernel in nfconntrackirc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IR...

PT-2022-36110 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.8 Description: The issue is related to a use after free in the red enqueue function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

PT-2022-36452 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.224 Description: The issue is related to a use after free in the red enqueue function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...