21 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-50748
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipc: mqueue: fix possible memory leak in initmqueuefs commit db7cfc380900 ipc: Free mqsysctls if ipc namespace creation failed Here's a similar memory leak to t...
EUVD-2011-2898
Malware in sbrugna...
SUSE CVE-2021-47069
In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry domqtimedreceive calls wqsleep with a stack local address. The sender domqtimedsend uses this address to later call pipelinedsend. This leads to a very hard...
DEBIAN-CVE-2021-47069
In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry domqtimedreceive calls wqsleep with a stack local address. The sender domqtimedsend uses this address to later call pipelinedsend. This leads to a very hard...
[SECURITY] Fedora 37 Update: syslog-ng-3.37.1-2.fc37
syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases SQL and NoSQL alike and more. Key features: receive and send RFC3164 and RFC5424 style syslog messages work with any kind of unstructured data receive and...
[SECURITY] Fedora 36 Update: syslog-ng-3.35.1-4.fc36
syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases SQL and NoSQL alike and more. Key features: receive and send RFC3164 and RFC5424 style syslog messages work with any kind of unstructured data receive and...
SiPass Integrated Access Control Vulnerability
SiPass integrated is an access control system. With the SiPass integrated access control vulnerability, an affected application does not adequately restrict access to the internal message broker system. An attacker could exploit the vulnerability to subscribe to arbitrary message queues...
CVE-2021-44522
A vulnerability has been identified in SiPass integrated V2.76 All versions, SiPass integrated V2.80 All versions, SiPass integrated V2.85 All versions, Siveillance Identity V1.5 All versions, Siveillance Identity V1.6 All versions V1.6.284.0. Affected applications insufficiently limit the access...
Siemens SiPass Integrated和Siveillance Identity 安全漏洞
SiPass integrated is an access control system. With the SiPass integrated access control vulnerability, an affected application does not adequately restrict access to the internal message broker system. An attacker could exploit the vulnerability to subscribe to arbitrary message queues...
PT-2021-3819 · Gnu +1 · Glibc +1
Name of the Vulnerable Software and Affected Versions: glibc versions through 2.34 Description: The issue is related to the mishandling of certain NOTIFY REMOVED data in the sysdeps/unix/sysv/linux/mq notify.c component of the GNU C Library glibc, leading to a NULL pointer dereference. This can b...
[SECURITY] Fedora 33 Update: zeromq-4.3.4-1.fc33
The 0MQ lightweight messaging kernel is a library which extends the standard socket interfaces with features traditionally provided by specialized messaging middle-ware products. 0MQ sockets provide an abstraction of asynchronous message queues, multiple messaging patterns, message filtering...
Fedora: Security Advisory for zeromq (FEDORA-2021-8b3202b783)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for zeromq (FEDORA-2020-5460fcf6bd)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 32 Update: zeromq-4.3.3-1.fc32
The 0MQ lightweight messaging kernel is a library which extends the standard socket interfaces with features traditionally provided by specialized messaging middle-ware products. 0MQ sockets provide an abstraction of asynchronous message queues, multiple messaging patterns, message filtering...
[SECURITY] Fedora 30 Update: zeromq-4.3.2-1.fc30
The 0MQ lightweight messaging kernel is a library which extends the standard socket interfaces with features traditionally provided by specialized messaging middle-ware products. 0MQ sockets provide an abstraction of asynchronous message queues, multiple messaging patterns, message filtering...
Improper Access Control
Red Hat Satellite is vulnerable to improper access control vulnerability. The vulnerability exists in the message queues maintained by Satellite's QPID broker and used by katello-agent. A malicious user with authentication to a host registered to Satellite could execute privilege commands to acce...
CVE-2019-3845
A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite or Capsule can use this fla...
CVE-2019-3845
A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite or Capsule can use this fla...
katello-installer-base: QMF methods exposed to goferd via qdrouterd
A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent. A malicious user authenticated to a host registered to Satellite or Capsule can use this flaw to access QMF methods to any host also registered to Satellite or Capsule and...
[SECURITY] Fedora 29 Update: syslog-ng-3.17.2-2.fc29
syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases SQL and NoSQL alike and more. Key features: receive and send RFC3164 and RFC5424 style syslog messages work with any kind of unstructured data receive and...