SUSE CVE-2018-2771

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Locking. Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocol...

SUSE CVE-2018-9415

In driveroverridestore and driveroverrideshow of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel...

SUSE CVE-2018-9422

In getfutexkey of futex.c, there is a use-after-free due to improper locking. This could lead to local escalation of privilege with no additional privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-74250718 References: Upstre...

SUSE CVE-2019-14763

In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with fhid...

SUSE CVE-2020-0423

In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

SUSE CVE-2020-0433

In blkmqqueuetagbusyiter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

SUSE CVE-2020-27066

In xfrm6tunnelfreespi of net/ipv6/xfrm6tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

SUSE CVE-2021-3567

A flaw was found in Caribou due to a regression of CVE-2020-25712 fix. An attacker could use this flaw to bypass screen-locking applications that leverage Caribou as an input mechanism. The highest threat from this vulnerability is to system availability...

SUSE CVE-2021-23133

A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...

SUSE CVE-2021-26708

A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AFVSOCK implementation are caused by wrong locking in net/vmwvsock/afvsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support...

SUSE CVE-2021-30851

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution...

SUSE CVE-2021-39801

In ionioctl of ion-ioctl.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

SUSE CVE-2022-20141

In ipcheckmcrcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

SUSE CVE-2022-20153

In rcucblistdequeue of rcusegcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...

SUSE CVE-2022-31621

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/dsxbstream.cc, when an error occurs streamctxt-destfile == NULL while executing the method xbstreamopen, the held lock is not released correctly, which allows local users to trigger a denial of service due to the...

SUSE CVE-2022-31622

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/dscompress.cc, when an error occurs pthreadcreate returns a nonzero value while executing the method createworkerthreads, the held lock is not released correctly, which allows local users to trigger a denial of...

There is no way to retrieve the rewards from the MultisigManager and rewards are locked in the vault.

Lines of code Vulnerability details C4 issue M-21: Division by zero error can block RewardsPoolstartRewardCycle if all multisig wallet are disabled. Comments The protocol provides an external function startRewardsCycle so that anyone can start a new reward cycle if necessary. Before mitigation,...

RewardTokens can be locked in MultiRewardStaking contract when the rewardsEndTimestamp of the rewardsTokens are different.

Lines of code Vulnerability details Impact To claim reward tokens from the MultiRewardStaking contract deployed, a user must call claimRewardsaddress user, IERC20 memory rewardsTokens. The rewardsTokens array is populated with getAllRewardsTokens which returns all the reward Tokens the...

CVE-2023-20619

In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519159; Issue ID: ALPS07519159...

CVE-2023-20619

In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519159; Issue ID: ALPS07519159...