4329 matches found
UBUNTU-CVE-2020-14656
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Locking. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...
CVE-2020-14656
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Locking. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...
CVE-2020-14656
CVE-2020-14656 is a MySQL (Oracle MySQL) vulnerability in the Server: Locking component affecting 8.0.20 and earlier. The issue allows a high-privileged attacker with network access via multiple protocols to cause a hang or crash (complete DOS) of MySQL Server. The available connected advisories ...
PT-2020-3371 · Mysql Server +7 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.20 and prior Description: The issue is related to insufficient input validation in the MySQL Server component, specifically in the Locking system. This can be exploited by a remote attacker to cause a denial of...
The vulnerability of the enterprise-level catalog service 389 Directory Server lies in its weak mechanism for recovering forgotten passwords, allowing attackers to gain access to confidential data.
The vulnerability of the enterprise-level catalog service 389 Directory Server lies in a locking error that may lead to password retrieval attempts. Exploiting this vulnerability could allow an attacker to gain access to confidential data remotely...
USN-4369-2 linux, linux-raspi2, linux-raspi2-5.3 regression
USN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the btrfs implementation in the Linux kernel did not...
USN-4369-2: Linux kernel regression
USN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the btrfs implementation in the Linux kernel did not...
USN-4369-1 linux, linux-aws, linux-aws-5.3, linux-azure, linux-azure-5.3, linux-gcp, linux-gcp-5.3, linux-gke-5.3, linux-hwe, linux-kvm, linux-oracle, linux-oracle-5.3, linux-raspi2 vulnerabilities
It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service system crash. CVE-2019-19377 Trista...
USN-4369-1: Linux kernel vulnerabilities
It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service system crash. CVE-2019-19377 Trista...
USN-4368-1 linux-gke-5.0, linux-oem-osp1 vulnerabilities
Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. CVE-2019-19769 It was discovered that the Serial CAN interface driver in the Linux...
USN-4368-1: Linux kernel vulnerabilities
Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. CVE-2019-19769 It was discovered that the Serial CAN interface driver in the Linux...
CVE-2020-8867
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard 1.04.358.30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results fr...
CVE-2020-8867
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard 1.04.358.30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results fr...
Design/Logic Flaw
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard 1.04.358.30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results fr...
CVE-2020-8867
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard 1.04.358.30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results fr...
OPC Foundation UA .NET Standard Code Issue Vulnerability
NET Standard is the OPC Foundation's OPC Foundation set of unified architecture standards for developing OPC UA applications. A security vulnerability exists in the handling of sessions in OPC Foundation UA.NET Standard due to a lack of proper locking when performing operations on objects. An...
CVE-2020-11826
The CVE-2020-11826 entry affects Memono version 3.8, where notes locked with a password are stored in plaintext in the memono.sqlite database. Specifically, notes reside in the ZENTITY table and can be read without knowing the password, indicating a data exposure due to lack of encryption. The co...
(Pwn2Own) OPC Foundation UA .NET Standard CreateSessionRequest Race Condition Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results from the lack ...
Denial Of Service (DoS)
The kernel is vulnerable to Denial Of Service DoS. Due to a flaw found in the gfs2lock implementation, the GFS2 locking code could skip the lock operation for files that have the SISGID bit set-group-ID on execution in their mode set. A local, unprivileged user on a system that has a GFS2 file...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists as a NULL pointer dereference flaw in the NFSv4 implementation. Several NFSv4 file locking functions failed to check whether a file had been opened on the server before performing locking operations on it...