RUSTSEC-2020-0118 Future<T> lacks bounds on Send and Sync.

tinyfuture contains a light-weight implementation of Futures. The Future type it has lacked bound on its Send and Sync traits. This allows for a bug where non-thread safe types such as Cell can be used in Futures and cause data races in concurrent programs. The flaw was corrected in commit c79191...

Future<T> lacks bounds on Send and Sync.

tinyfuture contains a light-weight implementation of Futures. The Future type it has lacked bound on its Send and Sync traits. This allows for a bug where non-thread safe types such as Cell can be used in Futures and cause data races in concurrent programs. The flaw was corrected in commit c79191...

CVE-2020-23740

In DriverGenius 9.61.5480.28 there is a local privilege escalation vulnerability in the driver wizard, attackers can use constructed programs to increase user privileges...

CVE-2020-23740

In DriverGenius 9.61.5480.28 there is a local privilege escalation vulnerability in the driver wizard, attackers can use constructed programs to increase user privileges...

CVE-2020-23736

There is a local denial of service vulnerability in DaDa accelerator 5.6.19.816,, attackers can use constructed programs to cause computer crashes BSOD...

Denial of service

There is a local denial of service vulnerability in DaDa accelerator 5.6.19.816,, attackers can use constructed programs to cause computer crashes BSOD...

CVE-2020-28175

There is a local privilege escalation vulnerability in Alfredo Milani Comparetti SpeedFan 4.52. Attackers can use constructed programs to increase user privileges...

Interpol Arrests 3 Nigerian BEC Scammers For Targeting Over 500,000 Entities

Three Nigerian citizens suspected of being members of an organized cybercrime group behind distributing malware, carrying out phishing campaigns, and extensive Business Email Compromise BEC scams have been arrested in the city of Lagos, Interpol reported yesterday. The investigation, dubbed...

openGauss: Ensuring the Existence of the Socket File

Some application programs may search for the socket file in the /tmp directory to deceive the server. During the system startup, the socket file /tmp/ $ USER gaussdb/.s.PGSQL. $PGPORT is created by default to prevent some applications from creating or overwriting the socket file in the /tmp...

IMChecker

This repository is an offensive tool for API misuse detection, specifically designed to identify API misuse bugs in C programs. The tool is called IMChecker, and it uses a constraint-directed static analysis technique powered by a domain-specific language DSL for specifying API usage constraints...

RUSTSEC-2020-0115 Singleton lacks bounds on Send and Sync.

Singleton is meant to be a static object that can be initialized lazily. In order to satisfy the requirement that static items must implement Sync, Singleton implemented both Sync and Send unconditionally. This allows for a bug where non-Sync types such as Cell can be used in singletons and cause...

Singleton lacks bounds on Send and Sync.

Singleton is meant to be a static object that can be initialized lazily. In order to satisfy the requirement that static items must implement Sync, Singleton implemented both Sync and Send unconditionally. This allows for a bug where non-Sync types such as Cell can be used in singletons and cause...

may_queue's Queue lacks Send/Sync bound for its Send/Sync trait.

Affected versions of mayqueue implements Send/Sync for its Queue type without restricting it to Sendable types and Syncable types. This allows non-Sync types such as Cell to be shared across threads leading to undefined behavior and memory corruption in concurrent programs...

hashconsing's HConsed lacks Send/Sync bound for its Send/Sync trait.

Affected versions of hashconsing implements Send/Sync for its HConsed type without restricting it to Sendable types and Syncable types. This allows non-Sync types such as Cell to be shared across threads leading to undefined behavior and memory corruption in concurrent programs...

RUSTSEC-2020-0107 hashconsing's HConsed lacks Send/Sync bound for its Send/Sync trait.

Affected versions of hashconsing implements Send/Sync for its HConsed type without restricting it to Sendable types and Syncable types. This allows non-Sync types such as Cell to be shared across threads leading to undefined behavior and memory corruption in concurrent programs...

RUSTSEC-2020-0111 may_queue's Queue lacks Send/Sync bound for its Send/Sync trait.

Affected versions of mayqueue implements Send/Sync for its Queue type without restricting it to Sendable types and Syncable types. This allows non-Sync types such as Cell to be shared across threads leading to undefined behavior and memory corruption in concurrent programs...

[SECURITY] Fedora 32 Update: mariadb-10.4.16-1.fc32

MariaDB is a community developed branch of MySQL - a multi-user, multi-thre aded SQL database server. It is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs an...

Fedora: Security Advisory for mariadb (FEDORA-2020-b995eb2973)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Open redirect

Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must interactively choose the Open On Browser...

Security and the One Percent: A Thought Exercise in Estimation and Consequences

There's a good chance that if you're reading this post, you're the member of an exclusive club. I call it the security one percent, or the security 1% or securityonepercent on Twitter. This is shorthand for the assortment of people and organizations who have the personnel, processes, technology,...