Important: python-twisted

Issue Overview: The twisted.names module is vulnerable to a Denial of Service DoS attack via resource exhaustion during DNS name decompression. A remote, unauthenticated attacker can exploit this by sending a crafted TCP DNS packet containing deeply chained compression pointers. This flaw bypasse...

“Good enough” emulation: Fuzzing a single thread to uncover vulnerabilities

A Cisco Talos researcher worked around the limitations of hardware-level Code Read-out Protection RDP on the Socomec DIRIS M-70 gateway by pivoting from physical debugging to a "good enough" emulation approach. By focusing on emulating only the single thread responsible for Modbus protocol handli...

PT-2026-20345

Name of the Vulnerable Software and Affected Versions fast-xml-parser versions prior to 5.3.6 Description The XML parser is susceptible to an unlimited amount of entity expansion. A small XML input can cause the parser to spend significant time processing a single request, leading to application...

CVE-2023-53302

In the Linux kernel, the following vulnerability has been resolved: wifi: iwl4965: Add missing check for createsinglethreadworkqueue Add the check for the return value of the createsinglethreadworkqueue in order to avoid NULL pointer dereference...

[SECURITY] Fedora 40 Update: naga-3.0-26.20200930git6f1e95d.fc40

Naga aims to be a very small NIO library that provides a handful of java classes to wrap the usual Socket and ServerSocket with asynchronous NIO counterparts similar to NIO2 planned for Java 1.7. All of this is driven from a single thread, making it useful for both client e.g. allowing I/O to be...

OESA-2023-1267 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A use-after-free flaw was found in ndlcremove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.CVE-2023-1990 The Linux kernel before 6.2.9 has a race...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has an information disclosure vulnerability, which originates from timensinstall call currentissinglethreaded to determine whether the current process is...

UBUNTU-CVE-2020-29568

An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OO...

CVE-2020-29568

An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OO...

CVE-2020-29568

An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OO...

pcanywhere-brute NSE Script

Performs brute force password auditing against the pcAnywhere remote access protocol. Due to certain limitations of the protocol, bruteforcing is limited to single thread at a time. After a valid login pair is guessed the script waits some time until server becomes available again. Script Argumen...