4287 matches found
CVE-2020-14656
CVE-2020-14656 is a MySQL (Oracle MySQL) vulnerability in the Server: Locking component affecting 8.0.20 and earlier. The issue allows a high-privileged attacker with network access via multiple protocols to cause a hang or crash (complete DOS) of MySQL Server. The available connected advisories ...
PT-2020-3371 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.20 and prior
Description: The issue is related to insufficient input validation in the MySQL Server component, specifically in the Locking system. This can be exploited by a remote attacker to cause a denial of...
The vulnerability of the enterprise-level catalog service 389 Directory Server lies in its weak mechanism for recovering forgotten passwords, allowing attackers to gain access to confidential data.
The vulnerability of the enterprise-level catalog service 389 Directory Server lies in a locking error that may lead to password retrieval attempts. Exploiting this vulnerability could allow an attacker to gain access to confidential data remotely...
USN-4369-2: Linux kernel regression
USN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the btrfs implementation in the Linux kernel did not...
USN-4369-2 linux, linux-raspi2, linux-raspi2-5.3 regression
USN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the btrfs implementation in the Linux kernel did not...
USN-4369-1: Linux kernel vulnerabilities
It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service system crash. CVE-2019-19377 Trista...
USN-4369-1 linux, linux-aws, linux-aws-5.3, linux-azure, linux-azure-5.3, linux-gcp, linux-gcp-5.3, linux-gke-5.3, linux-hwe, linux-kvm, linux-oracle, linux-oracle-5.3, linux-raspi2 vulnerabilities
It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service system crash. CVE-2019-19377 Trista...
USN-4368-1: Linux kernel vulnerabilities
Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. CVE-2019-19769 It was discovered that the Serial CAN interface driver in the Linux...
USN-4368-1 linux-gke-5.0, linux-oem-osp1 vulnerabilities
Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. CVE-2019-19769 It was discovered that the Serial CAN interface driver in the Linux...
CVE-2020-8867
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard 1.04.358.30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results fr...
Design/Logic Flaw
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard 1.04.358.30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results fr...
OPC Foundation UA .NET Standard Code Issue Vulnerability
UA .NET Standard is the OPC Foundation's set of unified architecture standards for developing OPC UA applications. A security vulnerability exists in the handling of sessions in OPC Foundation UA .NET Standard due to a lack of proper locking when performing operations on objects. An...
CVE-2020-11826
The CVE-2020-11826 entry affects Memono version 3.8, where notes locked with a password are stored in plaintext in the memono.sqlite database. Specifically, notes reside in the ZENTITY table and can be read without knowing the password, indicating a data exposure due to lack of encryption. The co...
(Pwn2Own) OPC Foundation UA .NET Standard CreateSessionRequest Race Condition Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results from the lack ...
Denial Of Service (DoS)
The kernel is vulnerable to Denial of Service (DoS). Due to a flaw found in the gfs2_lock() implementation, the GFS2 locking code could skip the lock operation for files that have the S_ISGID bit (set-group-ID on execution) in their mode set. A local, unprivileged user on a system that has a GFS2 file...
Denial Of Service (DoS)
The kernel is vulnerable to denial of service (DoS). The vulnerability exists as a NULL pointer dereference flaw in the NFSv4 implementation. Several NFSv4 file locking functions failed to check whether a file had been opened on the server before performing locking operations on it...
CVE-2019-14763
A vulnerability was found in the Linux kernel when using the "Synopsys DesignWare Core SuperSpeed USB 3.0 Controller", where a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid...
openSUSE: Security Advisory for glibc (openSUSE-SU-2020:0381-1)
The remote host is missing an update for the...