AZL-31816 CVE-2023-46862 affecting package kernel for versions less than 5.15.143.1-1
An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur...
CVE-2023-46862
An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur...
Null pointer dereference
An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur...
UBUNTU-CVE-2023-46862
An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur...
UBUNTU-CVE-2023-31418
An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and...
YoroTrooper: Researchers Warn of Kazakhstan's Stealthy Cyber Espionage Group
A relatively new threat actor known as YoroTrooper is likely made up of operators originating from Kazakhstan. The assessment, which comes from Cisco Talos, is based on their fluency in Kazakh and Russian, use of Tenge to pay for operating infrastructure, and very limited targeting of Kazakhstani...
The vulnerability of the PutSubImage() function in the client-side API library for the X Window System, libX11, allows a hacker to trigger a service failure.
The vulnerability of the PutSubImage function in the client-side API library for the X Window System libX11 is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2023-37891 WordPress Exit Popups & Onsite Retargeting by OptiMonk Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in OptiMonk OptiMonk: Popups, Personalization & A/B Testing plugin <= 2.0.4 versions...
The vulnerability of the Wireshark traffic analyzer lies in the execution of a loop with an unreachable exit condition, allowing a hacker to cause a service failure.
The vulnerability of the Wireshark traffic analyzer is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability allows a malicious actor to cause a service failure...
DEBIAN-CVE-2023-4155
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...
Advisory ROSA-SA-2023-2233
Software: thunderbird 102.14.0 OS: rosa-server79 package_evr_string: thunderbird-102.14.0-3.res7.x86_64.rpm CVE-ID: CVE-2023-3417 BDU-ID: 2023-03965 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Thunderbird email client exists due to improper handling of the Unicode character for overriding text...
Advisory ROSA-SA-2023-2232
Software: firefox 102.14.0 OS: rosa-server79 package_evr_string: firefox-102.14.0-3.res7.x86_64.rpm CVE-ID: CVE-2023-3417 BDU-ID: 2023-03965 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Thunderbird email client exists due to improper handling of the Unicode character for overriding text directio...
The vulnerability of the Exiv2 metadata management library, related to the execution of a loop with an unreachable exit condition, allows a perpetrator to cause a service failure.
The vulnerability of the Exiv2 metadata management library relates to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow an attacker to cause a service failure...
Medium: php72-pecl-imagick
Issue Overview: ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. CVE-2017-1000476 The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability th...
The vulnerability of the TIFFReadDirectory function in the LibTIFF library, which allows a hacker to cause a service failure.
The vulnerability of the TIFFReadDirectory function in the LibTIFF library is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Oracle Linux 8 : libarchive (ELSA-2019-3698)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3698 advisory. - fix out-of-bounds read within lha_read_data_none (CVE-2017-14503) - fix crash on crafted 7zip archives (CVE-2019-1000019) Tenable has extracted the precedin...
The vulnerability of the QXmlStreamReader function in the cross-platform framework for Qt software development allows an attacker to cause a service failure.
The vulnerability of the QXmlStreamReader function in the cross-platform software development framework for Qt is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
Linux Kernel Race Condition Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a race condition vulnerability, which stems from a flaw found in the memory management subsystem, where a race exists between ...
CVE-2023-4511 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file...
Moderate: Red Hat Security Advisory: RHUI 4.5.0 release - Security, Bug Fixes, and Enhancements
An updated version of Red Hat Update Infrastructure (RHUI) is now available. RHUI 4.5 fixes several security and operational bugs and also adds several new features. Red Hat Update Infrastructure (RHUI) offers a highly scalable, highly redundant framework that enables you to manage repositories and...