152 matches found
GSD-2023-1001114 f2fs: fix to invalidate dcc->f2fs_issue_discard in error path
f2fs: fix to invalidate dcc-f2fsissuediscard in error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
GSD-2023-1000705 f2fs: fix to invalidate dcc->f2fs_issue_discard in error path
f2fs: fix to invalidate dcc-f2fsissuediscard in error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GHSA-4M5P-5W5W-3JCF com.enonic.xp:lib-auth vulnerable to Session Fixation
Impact All id-providers using lib-auth login method. Patches https://github.com/enonic/xp/commit/0189975691e9e6407a9fee87006f730e84f734ff https://github.com/enonic/xp/commit/2abac31cec8679074debc4f1fb69c25930e40842 https://github.com/enonic/xp/commit/1f44674eb9ab3fbab7103e8d08067846e88bace4...
PT-2022-28162 · Enonic · Enonic Xp
Name of the Vulnerable Software and Affected Versions: Enonic XP versions less than 7.7.4 Description: The issue is a session fixation problem that allows a remote and unauthenticated attacker to use prior sessions due to the lack of invalidating session attributes. This affects all id-providers...
PT-2022-7185 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to a memory leak in the fscache invalidate function in the fs/fscache/cookie.c module of the Linux kernel. This can be exploited to cause a denial of service. The...
CVE-2022-32990
An issue in gimplayerinvalidateboundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service DoS...
GHSA-G4G7-Q726-V5HG Symfony CSRF Token Fixation
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user's session is invalidated when the user is logged out. This behavior can be disabled through the...
DEBIAN-CVE-2021-4148
A vulnerability was found in the Linux kernel's blockinvalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service DOS problem...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel blockinvalidatepage function, which can be exploited by an attacker to cause a program to crash...
Jetty 11.0.x < 11.0.3 Multiple Vulnerabilities
According to its self-reported version number, the instance of Jetty hosted on the remote web server is prior to 9.4.41, 10.0.x prior to 10.0.3 or 11.0.x prior to 11.0.3. It is, therefore, affected by multiple vulnerabilities: - An issue with failure to invalidate sessions after an exception in t...
UVI-2021-1001083 x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer
x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.13 by commit...
GSD-2021-1001083 x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer
x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.13 by commit...
GSD-2021-1001002 x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer
x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.46 by commit...
UVI-2021-1001002 x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer
x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.46 by commit...
DEBIAN-CVE-2021-27351
The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session...
UBUNTU-CVE-2021-27351
The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session...
CVE-2021-27351
The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session...
PT-2020-6010 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 5.5 through 5.7.9 Description: The issue is related to the tss invalidate io bitmap function in the Linux kernel, which is associated with incorrect default permission settings. An attacker may exploit this to gain...
ALPINE-CVE-2019-12222
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9. There is an out-of-bounds read in the function SDLInvalidateMap at video/SDLpixels.c...
DEBIAN-CVE-2019-12222
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9. There is an out-of-bounds read in the function SDLInvalidateMap at video/SDLpixels.c...