316 matches found
CVE-2024-9513
A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /controller/api/Answer/ReturnUserQuestionsFilled of the component HTTP POST Request Handler. The manipulation of the argument...
CVE-2024-34399
UNSUPPORTED WHEN ASSIGNED An issue was discovered in BMC Remedy Mid Tier 7.6.04. An unauthenticated remote attacker is able to access any user account without using any password. NOTE: This vulnerability only affects products that are no longer supported by the maintainer and the impacted version...
CVE-2024-34399
UNSUPPORTED WHEN ASSIGNED An issue was discovered in BMC Remedy Mid Tier 7.6.04. An unauthenticated remote attacker is able to access any user account without using any password. NOTE: This vulnerability only affects products that are no longer supported by the maintainer and the impacted version...
BMC Remedy Mid Tier 安全漏洞
BMC Remedy Mid Tier is an application from BMC USA, Inc. It is used to act as a client for the Remedy AR System server and a server for the browser. A security vulnerability exists in BMC Remedy Mid Tier version 7.6.04 that originates from an unauthorized remote attacker being able to access any...
CVE-2024-34399
UNSUPPORTED WHEN ASSIGNED An issue was discovered in BMC Remedy Mid Tier 7.6.04. An unauthenticated remote attacker is able to access any user account without using any password. NOTE: This vulnerability only affects products that are no longer supported by the maintainer and the impacted version...
CVE-2024-34399
CVE-2024-34399 affects BMC Remedy Mid Tier 7.6.04. An unauthenticated remote attacker can access any user account without a password, implying high impact to confidentiality, integrity, and availability as described. The impact is noted as total in the referenced metrics, with a CVSS3.1 base scor...
kernel: cifs: fix mid leak during reconnection after timeout threshold
In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUSIOTIMEOUT exceeds a specified threshold NUMSTATUSIOTIMEOUT, we reconnect the connection. But we do not return the mi...
SUSE CVE-2023-52757
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when releasing mids All releasemid callers seem to hold a reference of @mid so there is no need to call krefput&mid-refcount, releasemid under @server-midlock spinlock. If they don't, then an...
DEBIAN-CVE-2023-52757
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when releasing mids All releasemid callers seem to hold a reference of @mid so there is no need to call krefput&mid-refcount, releasemid under @server-midlock spinlock. If they don't, then an...
UBUNTU-CVE-2023-52757
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when releasing mids All releasemid callers seem to hold a reference of @mid so there is no need to call krefput&mid-refcount, releasemid under @server-midlock spinlock. If they don't, then an...
DEBIAN-CVE-2024-35998
In the Linux kernel, the following vulnerability has been resolved: smb3: fix lock ordering potential deadlock in cifssyncmidresult Coverity spotted that the cifssyncmidresult function could deadlock "Thread deadlock ORDERREVERSAL lockorder: Calling spinlock acquires lock TCPServerInfo.srvlock...
AZL-55440 CVE-2024-35998 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: smb3: fix lock ordering potential deadlock in cifssyncmidresult Coverity spotted that the cifssyncmidresult function could deadlock "Thread deadlock ORDERREVERSAL lockorder: Calling spinlock acquires lock TCPServerInfo.srvlock...
SAMSUNG Escargot 安全漏洞
SAMSUNG Escargot is a memory-optimized JavaScript engine from Samsung South Korea for mid-range devices such as cell phones, tablets and TVs. A security vulnerability exists in SAMSUNG Escargot version 4.0.0, which stems from a segmentation error issue...
nodejs: improper handling of wildcards in --allow-fs-read and --allow-fs-write
A flaw was found in the Node.js Permission Model, where it is not clarified in the documentation that wildcards should only be used as the last character of a file path. For example: --allow-fs-read=/home/node/.ssh/.pub will ignore pub and give access to everything after .ssh/...
From 500 to 5000 Employees - Securing 3rd Party App-Usage in Mid-Market Companies
A company's lifecycle stage, size, and state have a significant impact on its security needs, policies, and priorities. This is particularly true for modern mid-market companies that are either experiencing or have experienced rapid growth. As requirements and tasks continue to accumulate and...
DEBIAN-CVE-2021-46911
In the Linux kernel, the following vulnerability has been resolved: chktls: Fix kernel panic Taking page refcount is not ideal and causes kernel panic sometimes. It's better to take txctx lock for the complete skb transmit, to avoid page cleanup if ACK received in middle...
CVE-2021-46911
In the Linux kernel, the following vulnerability has been resolved: chktls: Fix kernel panic Taking page refcount is not ideal and causes kernel panic sometimes. It's better to take txctx lock for the complete skb transmit, to avoid page cleanup if ACK received in middle...
UBUNTU-CVE-2021-46911
In the Linux kernel, the following vulnerability has been resolved: chktls: Fix kernel panic Taking page refcount is not ideal and causes kernel panic sometimes. It's better to take txctx lock for the complete skb transmit, to avoid page cleanup if ACK received in middle...
PT-2024-14725
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a potential deadlock when releasing mids in the smb client. All release mid callers seem to hold a reference of @mid, so there is no need to call kref...
Ubuntu 16.04 ESM : WildMIDI vulnerabilities (USN-4807-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4807-1 advisory. It was discovered that WildMIDI incorrectly handled certain MID files. A remote attacker could possibly use this issue to cause a denial of service...