4287 matches found
CVE-2020-29661
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b...
Design/Logic Flaw
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b...
UBUNTU-CVE-2020-29660
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24...
CVE-2020-29660
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24...
CVE-2020-29660
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24...
CVE-2020-29661
The entry CVE-2020-29661 describes a local, kernel-space vulnerability in the Linux tty subsystem (drivers/tty/tty_jobctrl.c) that can enable a use-after-free through TIOCSPGRP. A locking issue in this path allows memory corruption and potential privilege escalation or system impact when an attac...
CVE-2020-29661
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b...
SUSE SLES12 Security Update : glibc (SUSE-SU-2020:3024-1)
This update for glibc fixes the following issues : CVE-2020-10029: Fixed a stack corruption from range reduction of pseudo-zero bsc1165784 Use posix_spawn on popen bsc1149332, bsc1176013 Correct locking and cancellation cleanup in syslog functions bsc1172085 Fixed concurrent changes on nscd aware...
Linux kernel resource management error vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in the Linux kernel through 5.9.13, which stems from a locking inconsistency found in the tty subsystem. drivers/tty/tty_io.c an...
HCL Domino Locking Policy Bypass Vulnerability
HCL Domino is a suite of enterprise-class application development platforms from HCL India. A locking policy bypass vulnerability exists in the LDAP service in HCL Domino. An attacker can exploit this vulnerability to conduct a brute force attack on the LDAP service...
HCL Technologies Domino Authorization Issue Vulnerability
HCL Domino is a suite of enterprise-class application development platforms from HCL India. A locking policy bypass vulnerability exists in the LDAP service in HCL Domino. An attacker can exploit this vulnerability to conduct a brute force attack on the LDAP service...
openSUSE Security Update : the Linux Kernel (openSUSE-2020-2034)
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2020-28915: A buffer over-read at the framebuffer layer in the fbcon code could be used by local attackers to read kernel memory, aka CID-6735b4632def bnc1178886. -...
UBUNTU-CVE-2018-20803
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. This issue affects MongoDB Server v4.0 versions prior to 4.0.5; MongoDB Server v3.6 versions prior to 3.6.10...
GaussDB Kernel: Enabling the Auditing of Database Locking and Unlocking
The parameter audit_user_locked specifies whether to audit the locking and unlocking of database users. After this parameter is set to on, the locking status of database accounts is traced. Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s),...
Vulnerability in the Server: Locking component of the MySQL Server database management system, allowing attackers to cause service interruptions.
The vulnerability in the Server: Locking component of the MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...
openGauss: Configuring the Upper Limit of Failed Login Attempts
You are advised to set the upper limit of failed login attempts to protect passwords from brute-force attacks. After the parameter failed_login_attempts is set, an account will be automatically locked if the number of its failed login attempts exceeds the parameter value.
openGauss: Enabling the Auditing of Database Locking and Unlocking
The parameter audit_user_locked specifies whether to audit the locking and unlocking of database users. After this parameter is set to on, the locking status of database accounts is traced.
MariaDB 10.1.0 < 10.1.48 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.1.48. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.1.48 advisory. - With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged us...
MariaDB 10.3.0 < 10.3.26 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.3.26. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.3.26 advisory. - With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged us...
MariaDB 10.5.0 < 10.5.7 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.5.7. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.5.7 advisory. - With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user...