14 matches found
CVE-2026-49296
Before apache-airflow 3.3.0, a user authorized to read one Dag could disclose the source of other Dags co-located in the same source file. GET /api/v2/dagSources/dagid — and the equivalent Dag-source view in the UI — returned the entire source file without redacting Dags the caller was not...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed a race condition between direct IO writes and fsync operations when using the same file descriptor. If we have two threads that use the same file descriptor, and one of them performs direct IO writes while the other...
btrfs: fix race setting file private on concurrent lseek using same fd
...
SUSE CVE-2024-47741
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race setting file private on concurrent lseek using same fd When doing concurrent lseek2 system calls against the same file descriptor, using multiple threads belonging to the same process, we have a short time window...
AZL-50853 CVE-2024-47741 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race setting file private on concurrent lseek using same fd When doing concurrent lseek2 system calls against the same file descriptor, using multiple threads belonging to the same process, we have a short time window...
UBUNTU-CVE-2024-47741
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race setting file private on concurrent lseek using same fd When doing concurrent lseek2 system calls against the same file descriptor, using multiple threads belonging to the same process, we have a short time window...
The vulnerability of the distributed Git version control system, related to the use of pre-installed security-related data, allows a hacker to create hard links to any readable file within the same file system.
The vulnerability of the distributed Git version control system is related to the use of pre-installed data related to security. Exploiting this vulnerability allows a attacker to create hard links to any readable file within the same file system...
PT-2024-13094 · Linux · Linux
Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: The issue is related to memory corruption that occurs when multiple listeners are being registered with the same file descriptor. Recommendations: At the moment, there is no information about...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption that occurs when multiple listeners are registered to the same file descriptor...
Collabora Online Security Breach
Collabora Online is an application from Collabora UK. A powerful LibreOffice-based online office that supports all major document, spreadsheet and presentation file formats. A security vulnerability exists in Collabora Online versions 1.0 through prior to 1.3, which stems from a misconfigured...
DEBIAN-CVE-2020-10729
A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords a...
Open Ticket Request System Information Disclosure Vulnerability (CNVD-2020-32426)
Open Ticket Request System OTRS is an open source defect tracking and management system software from the German OTRS Group. The software categorizes service requests submitted through various channels such as phone calls, emails, etc. into different queues and service levels, and the service...
UBUNTU-CVE-2020-1774
When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Therefore it's possible to mix them and to send private key to the third-party instead of public key. This issue affects OTRS Community Edition: 5.0.42 and prior versions, 6.0.27 and prio...
ALPINE-CVE-2016-9102
Memory leak in the v9fsxattrcreate function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption and QEMU process crash via a large number of Txattrcreate messages with the same fid number...