CVE-2022-22209

A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a Denial of Service DoS. On all Junos platforms, the Kernel Routing Table KRT queue can get stuck due to a memory leak triggered ...

acido (>=0.16.0 <=0.53.0), adx-logging-handler (>=1.0.0 <=1.0.3) +105 more potentially affected by CVE-2022-30187 via azure-storage-queue (>=0.37.0 <=12.3.0)

azure-storage-queue PYPI version =0.37.0, =0.16.0, =1.0.0, =2.13.1.post2, =0.2.0, =2.3.1, =1.2.0, =0.1.0, =1.0.0, =0.1.5, =0.1.0, =0.5.10, =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.1.1 and more Source cves: CVE-2022-30187 Source advisory: OSV:GHSA-64X4-9HC6-R2H6...

CVE-2022-35283

IBM Security Verify Information Queue 10.0.2 could allow an authenticated user to cause a denial of service with a specially crafted HTTP request...

Fixed vulnerabilities in IBM MQ (Operator and Queue manager)

IBM has fixed multiple vulnerabilities in supporting software provided with IBM MQ Operator and Queue manager. The vulnerabilities are in the Golang software provided. A malicious party could potentially exploit the vulnerabilities to obtain increased user privileges, sensitive data and/or...

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to an issue in OPM and Golang Go packages (CVE-2020-15257, CVE-2021-21334 and CVE-2021-41771)

Summary IBM MQ Operator catalog container image is vulnerable to an issue in OPM package from Red Hat openshift4/ose-operator-registry and IBM MQ Operator, IBM Supplied Queue Manager container images are vulnerable to an issue in the Golang Go packages. CVE-2020-15257, CVE-2021-21334 and...

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to vulnerabilities from Golang Go and IBM WebSphere Application Server Liberty (CVE-2021-39293 and CVE-2021-39038)

Summary Vulnerabilities were identified in Golang Go and IBM WebSphere Application Server Liberty packages that were shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details CVEID: CVE-2021-39293 DESCRIPTION: Golang Go is vulnerable to a denial of service,...

Security Bulletin: IBM Security Verify Information Queue uses a dom4j version with improper XXE restrictions (CVE-2020-10683)

Summary The products image in IBM Security Verify Information Queue ISIQ v10.0.2 uses an older version of the dom4j library that does not properly safeguard against XML External Entity XXE attacks. ISIQ v10.0.3 has upgraded its products image to include a newer dom4j level that remediates the...

sidekiq: XSS via the queue name of the live-poll feature

A cross-site scripting vulnerability was found in sidekiq via the queue name of the live-poll feature. A potential attacker can impersonate or masquerade as the victim user using this vulnerability when Internet Explorer is used...

CVE-2022-34787

Jenkins Project Inheritance Plugin 21.04.03 and earlier does not escape the reason a build is blocked in tooltips, resulting in a cross-site scripting XSS vulnerability exploitable by attackers able to control the reason a queue item is blocked...

Cross site scripting

Jenkins Project Inheritance Plugin 21.04.03 and earlier does not escape the reason a build is blocked in tooltips, resulting in a cross-site scripting XSS vulnerability exploitable by attackers able to control the reason a queue item is blocked...

PT-2025-8602 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition in the Linux kernel's mptcp socket handling can lead to a use-after-free UaF access. This occurs when the listener socket owning a relevant request is closed, freeing...

SUSE: Security Advisory (SUSE-SU-2022:2174-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Robotic Process Automation before 21.0.2 and 21.0.1.2 could allow a queue to be deleted by a registered user.

Summary IBM Robotic Process Automation before 21.0.2 and 21.0.1.2 could allow a queue to be deleted by a registered user. This could cause a disruption on any RPA scripts dependent on queues. Vulnerability Details CVEID: CVE-2022-22319 DESCRIPTION: IBM Robotic Process Automation could allow a...

Queued proposals cannot be executed in GovernorBravoDelegate.sol

Lines of code GovernorBravoDelegate.solL63 Vulnerability details Impact In GovernorBravoDelegate.sol's queue function, the executed value for the proposal to be queued is set to true. The execute function in GovernorBravoDelegate.sol will revert when called since the state of the proposal is...

Malicious code in @boosted-bounty/firebase-queue (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15ca2bdb5a1428f6304b1f11c70817ec28f2d7ee836fd9dfcc1dee58d87d7a37 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-1383 Malicious code in azure-storage-queue (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 817015f4821a3efffc41e7fe04ce95d36839db3aa6b53ce082b70b90c828d865 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in azure-storage-queue (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 817015f4821a3efffc41e7fe04ce95d36839db3aa6b53ce082b70b90c828d865 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in storage-queue (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f293d5b58cea192a649d42d38b37dc26c6dea91a7825405a5359920228abdbf4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6315 Malicious code in storage-queue (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f293d5b58cea192a649d42d38b37dc26c6dea91a7825405a5359920228abdbf4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

a2 (>=0.5.0-alpha.6 <=0.5.0-alpha.7), abci-rs (=0.2.0) +425 more potentially affected by unknown CVE via crossbeam-queue (>=0.1.2 <=0.2.0)

crossbeam-queue CARGO version =0.1.2, =0.5.0-alpha.6, =0.0.2, =0.0.1, =0.1.0-alpha.2, =0.1.5, =0.12.0, =0.5.0, =0.1.0, =0.3.0 - amethyst-navigation =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-6888-WF7J-34JQ...