4310 matches found

Code423n4
added 2022/08/06 12:0 a.m. · 15 views

Owner of project NFT has no purpose

Vulnerability details: Owner of project NFT has no purpose. Impact: Creating a new project mints an NFT to the sender builder. The builder of a project has special permissions and is required to perform various tasks. However, if the minted NFT is transferred to a different address, the...

6.7 AI score
Exploits 0

BDU FSTEC
added 2022/08/04 12:0 a.m. · 4 views

The vulnerability in the implementation of the ip_check_mc_rcu() function in the Inet Sockets component of Android kernel allows a perpetrator to escalate their privileges.

The vulnerability of the implementation of the ip_check_mc_rcu() function in the Inet Sockets component of Android operating systems lies in the use of memory after it is freed due to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to increase their privileges...

7 CVSS · 6.4 AI score · 0.00141 EPSS
Exploits 0 · References 19 · Affected Software 2

RedHat Linux
added 2022/08/02 10:9 a.m. · 3 views

mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows local users to trigger a denial ...

5.5 CVSS · 7.3 AI score · 0.00222 EPSS
Exploits 0 · References 4

RedHat Linux
added 2022/08/02 10:9 a.m. · 4 views

mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the held lock is not released correctly, which allows local users to trigger a denial of...

5.5 CVSS · 7.3 AI score · 0.00219 EPSS
Exploits 0 · References 4

OSV
added 2022/08/01 12:0 a.m. · 5 views

PUB-A-216130110

In trusty_log_seq_start of trusty-log.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

6.7 CVSS · 7.2 AI score · 0.00078 EPSS
Exploits 0 · References 1

OSV
added 2022/07/31 2:30 p.m. · 4 views

GSD-2022-1004670 ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero

ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.208 by commit...

7.2 AI score
Exploits 0

OSV
added 2022/07/31 2:17 p.m. · 8 views

GSD-2022-1004525 ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero

ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.134 by commit...

7.2 AI score
Exploits 0

OSV
added 2022/07/31 2:11 p.m. · 11 views

GSD-2022-1004464 btrfs: don't set lock_owner when locking extent buffer for reading

btrfs: don't set lock_owner when locking extent buffer for reading. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.51 by commit...

7.4 AI score
Exploits 0

OSV
added 2022/07/31 2:1 p.m. · 11 views

GSD-2022-1004340 ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero

ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.58 by commit...

7.2 AI score
Exploits 0

OSV
added 2022/07/31 1:54 p.m. · 7 views

GSD-2022-1004256 btrfs: don't set lock_owner when locking extent buffer for reading

btrfs: don't set lock_owner when locking extent buffer for reading. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.8 by commit...

7.4 AI score
Exploits 0

OSV
added 2022/07/31 1:42 p.m. · 7 views

GSD-2022-1004117 ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero

ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.15 by commit...

7.2 AI score
Exploits 0

Positive Technologies
added 2022/07/29 12:0 a.m. · 4 views

PT-2022-1383 · Google +3 · Android Kernel +3

Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to a possible use after free due to improper locking in the binder vma close function of binder.c. This could lead to local escalation of privilege with...

8.8 CVSS · 7.4 AI score · 0.21314 EPSS
Exploits 2 · References 72

Tenable Nessus
added 2022/07/29 12:0 a.m. · 45 views

EulerOS Virtualization 2.9.1 : qemu (EulerOS-SA-2022-2194)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the...

8.2 CVSS · 6.8 AI score · 0.01334 EPSS
Exploits 1 · References 4

Tenable Nessus
added 2022/07/29 12:0 a.m. · 346 views

EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2022-2213)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the...

8.2 CVSS · 6.8 AI score · 0.01334 EPSS
Exploits 1 · References 4

RedHat Linux
added 2022/07/28 4:6 p.m. · 7 views

mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the held lock is not released correctly, which allows local users to trigger a denial of...

5.5 CVSS · 7.3 AI score · 0.00219 EPSS
Exploits 0 · References 4

RedHat Linux
added 2022/07/28 4:6 p.m. · 1 views

mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows local users to trigger a denial ...

5.5 CVSS · 7.3 AI score · 0.00222 EPSS
Exploits 0 · References 4

Tenable Nessus
added 2022/07/22 12:0 a.m. · 73 views

SUSE SLES15 Security Update : kernel (SUSE-SU-2022:2423-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2423-1 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage...

8 CVSS · 7.8 AI score · 0.04947 EPSS
Exploits 3 · References 37

BDU FSTEC
added 2022/07/20 12:0 a.m. · 3 views

The vulnerability of the Red Database database management system lies in improper locking of resources, which allows attackers to trigger a service failure.

The vulnerability of the Red Database database management system is related to improper locking of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures by opening a specially crafted file through various processes...

6.3 CVSS · 5.5 AI score
Exploits 0 · References 1 · Affected Software 1

OSV
added 2022/07/18 3:15 p.m. · 3 views

CVE-2022-34892

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

7.8 CVSS · 6.2 AI score · 0.0024 EPSS
Exploits 0 · References 2

ATTACKERKB
added 2022/07/18 3:15 p.m. · 4 views

CVE-2022-34892

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

7.8 CVSS · 6.3 AI score · 0.0024 EPSS
Exploits 0 · References 3