Lucene search
7455 matches found

Prion
added 2022/01/06 6:15 p.m. · 21 views

Design/Logic Flaw

Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the...

2.1 CVSS · 6.5 AI score · 0.00242 EPSS
Exploits 0 · References 5 · Affected Software 2
Debian CVE
added 2022/01/06 5:6 p.m. · 49 views

CVE-2021-28714

Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the...

6.5 CVSS · 6.9 AI score · 0.0012 EPSS
Exploits 0
RedhatCVE
added 2022/01/05 8:54 p.m. · 45 views

CVE-2021-23727

A command injection vulnerability was found in the distributed task queue celery, which can lead to remote code execution. An attacker with access to backend results can reconstruct the exception class to act as a command payload which can be queried to the task to execute...

8 CVSS · 4.1 AI score · 0.01396 EPSS
Exploits 1 · References 4
Positive Technologies
added 2022/01/01 12:0 a.m. · 1 views

PT-2025-8399

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue has been identified in the Linux kernel, specifically in the blk-throttle component. This issue occurs when a bio block I/O request is throttled and the BIO...

7.8 CVSS · 6.3 AI score · 0.00021 EPSS
Exploits 0
Positive Technologies
added 2022/01/01 12:0 a.m. · 3 views

PT-2025-8655

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A memory corruption issue in the VF driver of the Linux kernel has been resolved. The issue occurred when the VF driver assumed that the VF was disabled while it still had queues...

7.8 CVSS · 6.4 AI score · 0.00024 EPSS
Exploits 0
OSV
added 2021/12/27 5:32 a.m. · 11 views

GSD-2021-1002648 audit: improve robustness of the audit queue handling

audit: improve robustness of the audit queue handling This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.222 by commit...

7.2 AI score
Exploits 0
OSV
added 2021/12/27 5:28 a.m. · 14 views

GSD-2021-1002632 audit: improve robustness of the audit queue handling

audit: improve robustness of the audit queue handling This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.259 by commit...

7.2 AI score
Exploits 0
Redos
added 2021/12/24 12:0 a.m. · 4 views

ROS-2-2203

2.2203 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8 CVSS · 9.1 AI score · 0.65912 EPSS
Exploits 6
BDU FSTEC
added 2021/12/17 12:0 a.m. · 1 views

The vulnerability of the IBM WebSphere MQ messaging software for HPE NonStop operating systems, related to authentication procedures that allow attackers to escalate their privileges.

The vulnerability of the IBM WebSphere MQ messaging software for HPE NonStop operating systems is related to deficiencies in the authentication process when the SharedBindingsUserId attribute is used. Exploiting this vulnerability can allow attackers to gain increased privileges...

7.4 CVSS · 0.00047 EPSS
Exploits 0 · References 4 · Affected Software 1
Microsoft CVE
added 2021/12/16 12:0 a.m. · 2 views

Qt 5.12.2 through 5.14.2 as used in unofficial builds of Mumble 1.3.0 and other products mishandles OpenSSL's error queue which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions an unrelated session may be disconnected when any handshake fails. (Mumble 1.3.1 is not affected regardless of the Qt version.)

...

7.5 CVSS · 7 AI score · 0.01567 EPSS
Exploits 1
Positive Technologies
added 2021/12/15 12:0 a.m. · 3 views

PT-2021-22685 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the dwc3 gadget ep0 queue function of ep0.c due to improper locking. This could lead to local escalation of privilege with no additional execution privilege...

7.8 CVSS · 7.5 AI score · 0.0001 EPSS
Exploits 0 · References 2
OSV
added 2021/12/14 12:15 p.m. · 2 views

CVE-2021-44522

A vulnerability has been identified in SiPass integrated V2.76 All versions, SiPass integrated V2.80 All versions, SiPass integrated V2.85 All versions, Siveillance Identity V1.5 All versions, Siveillance Identity V1.6 All versions V1.6.284.0. Affected applications insufficiently limit the access...

7.5 CVSS · 5.8 AI score · 0.00432 EPSS
Exploits 0 · References 2
Prion
added 2021/12/14 12:15 p.m. · 9 views

Design/Logic Flaw

A vulnerability has been identified in SiPass integrated V2.76 All versions, SiPass integrated V2.80 All versions, SiPass integrated V2.85 All versions, Siveillance Identity V1.5 All versions, Siveillance Identity V1.6 All versions V1.6.284.0. Affected applications insufficiently limit the access...

5 CVSS · 8.5 AI score · 0.00432 EPSS
Exploits 0 · References 2 · Affected Software 2
NCSC
added 2021/12/14 12:0 a.m. · 3 views

Vulnerabilities fixed in IBM MQ for HPE NonStop Server

Vulnerabilities have been fixed in IBM MQ used in the HPE NonStop Server. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service (DoS), access to system data, increased user privileges. IBM has released updates to f...

7.8 CVSS · 7.4 AI score · 0.0046 EPSS
Exploits 0
OSV
added 2021/12/13 1:15 a.m. · 1 views

DEBIAN-CVE-2018-25021

The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain conditions, which allows a remote attacker to exhaust the system's memory, causing a denial of service (DoS)...

7.5 CVSS · 7.4 AI score · 0.00976 EPSS
Exploits 1 · References 1
OSV
added 2021/12/13 1:15 a.m. · 0 views

UBUNTU-CVE-2018-25021

The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain conditions, which allows a remote attacker to exhaust the system's memory, causing a denial of service (DoS)...

7.5 CVSS · 5.8 AI score · 0.00976 EPSS
Exploits 1 · References 5
CNNVD
added 2021/12/13 12:0 a.m. · 2 views

IBM MQ for HP NonStop Security Vulnerability

IBM MQ (IBM WebSphere MQ) is a messaging middleware product from IBM. The product focuses on providing a reliable and validated messaging backbone for Service Oriented Architecture (SOA). A security vulnerability exists in IBM MQ for HP NonStop that stems from vulnerability to an elevation of privile...

7.8 CVSS · 7.3 AI score · 0.00047 EPSS
Exploits 0 · References 3
CNNVD
added 2021/12/06 12:0 a.m. · 1 views

Google Android Buffer Error Vulnerability

Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in the Google Android Kernel. The vulnerability stems from an out-of-bounds write due to improper locking in the dwc3_gadget_ep0_queue of ep0.c. An attacker could use this...

7.8 CVSS · 5.6 AI score · 0.0001 EPSS
Exploits 0 · References 4
Ivan 'd0znpp' Novikov
added 2021/11/29 8:27 a.m. · 30 views

What is AMQP Protocol ❓ All you need to know

The cost-free and fast operations of the open-source tool have made them a preferred choice over their closed-source peers. Without putting any hard and fast restrictions on the users, open-source applications have become a norm these days. AMQP Standard is a commonly used messaging protocol used...

6.9 AI score
Exploits 0
Veracode
added 2021/11/28 12:41 a.m. · 31 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while...

4.4 CVSS · 4.2 AI score · 0.00016 EPSS
Exploits 0 · References 8 · Affected Software 2