EUVD-2024-1178

Malicious code in bioql PyPI...

CVE-2024-31999

The CVE-2024-31999 issue affects @festify/secure-session used with Fastify. The vulnerability arises in the session removal process: after a session is marked for deletion, an attacker who can access the cookie could continue to reuse it, effectively retaining access across requests. Public detai...

DEBIAN-CVE-2023-52503

In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix use-after-free vulnerability in amdteeclosesession There is a potential race condition in amdteeclosesession that may cause use-after-free in amdteeopensession. For instance, if a session has refcount == 1, and o...

SUSE CVE-2021-47026

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: destroy sysfs after removing session from active list A session can be removed dynamically by sysfs interface "removepath" that eventually calls rtrscltremovepathfromsysfs function. The current...

DEBIAN-CVE-2021-47026

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: destroy sysfs after removing session from active list A session can be removed dynamically by sysfs interface "removepath" that eventually calls rtrscltremovepathfromsysfs function. The current...

UBUNTU-CVE-2021-47026

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: destroy sysfs after removing session from active list A session can be removed dynamically by sysfs interface "removepath" that eventually calls rtrscltremovepathfromsysfs function. The current...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing sessions to be removed from the active list...

Can't Logoff Ghost Sessions “-” from Citrix Studio

Can't logoff the session in Studio, which is not even shown in VDAtask manager. Customer tried to hide the session with the below Powershell command, but this ghost session record still exists on Studio. "Get-BrokerSession -username Domain\username | Set-BrokerSession -hidden $true" Need to figur...

PT-2024-11126 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free problem can occur in the Linux kernel when a session is removed dynamically by the sysfs interface "remove path" that calls the rtrs clt remove path from sysfs functio...

wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL

A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory OOM issue, leading to a denial of service. The highest threat from this vulnerability is to system availability...

CVE-2020-25644

A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability...

CVE-2015-5963

contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service session store consumption or session record removal via a large number of requests to...