CVE-2026-33150

A flaw was found in libfuse. A use-after-free vulnerability in the iouring subsystem allows a local attacker to potentially execute arbitrary code and crash FUSE Filesystem in Userspace filesystem processes. This occurs when iouring thread creation fails due to resource exhaustion, such as limits...

EUVD-2020-20336

Malware in sbrugna...

SUSE CVE-2020-27837

A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more...

OESA-2022-1811 gdm security update

The GNOME Display Manager is a system service that is responsible for providing graphical log-ins and managing local and remote displays, and if the session doesn't provide a display server, GDM will start the display server. It also provides initiate functionality for user-switching, so multiple...

OESA-2022-1812 gdm security update

The GNOME Display Manager is a system service that is responsible for providing graphical log-ins and managing local and remote displays, and if the session doesn't provide a display server, GDM will start the display server. It also provides initiate functionality for user-switching, so multiple...

Race condition

A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more...

UBUNTU-CVE-2020-27837

A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more...

Code injection

The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 and earlier may allow an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page. PAN-OS 6.1, PAN-OS 7.1 and PAN-OS 8.0 are NOT affected...

CVE-2018-10140

The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 and earlier may allow an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page. PAN-OS 6.1, PAN-OS 7.1 and PAN-OS 8.0 are NOT affected...

Denial of Service in PAN-OS Management Web Interface

A Denial of Service exists in PAN-OS Management Web Interface that allows an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page. Ref PAN-100189, CVE-2018-10140 This vulnerability can be triggered by an authenticated user...

DEBIAN-CVE-2016-2836

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to Http2Session::Shutdown a...

Mozilla: Use-after-free in DTLS during WebRTC session shutdown (MFSA 2016-72)

Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session...

Mozilla: Miscellaneous memory safety hazards (rv:45.3) (MFSA 2016-62)

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to Http2Session::Shutdown a...

CVE-2015-3165

Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service crash by closing an SSL session at a time when the authentication timeout will expire during the session...