4331 matches found
Denial Of Service (DoS)
Oracle MySQL is vulnerable to denial of serviceDoS attacks. A remote authenticated user could exploit a flaw in the Locking component which leads to cause a hang or frequently repeatable crash complete DoS...
Yarn Package Manager Tampering Vulnerability
Yarn Package Manager is a package manager. A security vulnerability exists in Yarn Package Manager, which stems from the program not performing any form of certificate locking and trust management. The vulnerability can be exploited to execute code by replacing the original installation package...
CVE-2019-1732
A vulnerability in the Remote Package Manager RPM subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use TOCTOU race condition to corrupt local variables, which could lead to arbitrary command injectio...
Race condition
A vulnerability in the Remote Package Manager RPM subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use TOCTOU race condition to corrupt local variables, which could lead to arbitrary command injectio...
CVE-2017-12778
The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Authentication Bypass, which allows Attack to gain unauthorized access to qBittorrent functions by tampering the affected flag value of the config file at the C:\Users\Roaming\qBittorrent pathname. The attacker must change the...
UBUNTU-CVE-2017-12778
DISPUTED The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Authentication Bypass, which allows Attack to gain unauthorized access to qBittorrent functions by tampering the affected flag value of the config file at the C:\Users\Roaming\qBittorrent pathname. The attacker must chang...
CVE-2019-2050
In tearDownClientInterface of WificondControl.java, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0...
Design/Logic Flaw
In tearDownClientInterface of WificondControl.java, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0...
Denial Of Service (DoS)
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS clie...
Integer Overflows
The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could u...
Denial Of Service (DoS)
MySQL is vulnerable to denial of service DoS. It allow remote attackers to affect availability via unknown vectors related to Server Locking...
The vulnerability of the File Locking Services component in the Solaris operating system allows a hacker to trigger a service failure.
The vulnerability of the File Locking Services component in the Solaris operating system is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to cause a service failure...
Linux Missing Lockdown Exploit
Linux suffers from a missing locking between ELF coredump code and userfaultfd VMA modification. Linux: missing locking between ELF coredump code and userfaultfd VMA modification Related CVE Numbers: CVE-2019-11599. elfcoredump has a comment back from something like 2.5.43-C3 that says: / We no...
(Pwn2Own) Oracle VirtualBox e1000 Race Condition Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...
UBUNTU-CVE-2019-11599
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by...
CVE-2019-2577
Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...
CVE-2019-2577
Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...
Design/Logic Flaw
Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...
CVE-2019-2577
Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...
kernel security and bug fix update
3.10.0-957.12.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.12.1 - kernel locking/rwsem: Fix possible missed wakeup Waiman Long 1690323...