5 matches found
CVE-2026-28503 Tandoor Recipes has Cross-Space IDOR in SyncViewSet.query_synced_folder: missing space scoping on get_object_or_404
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the SyncViewSet.querysyncedfolder action in cookbook/views/api.py line 903 fetches a Sync object using getobjector404Sync, pk=pk without including space=request.space i...
SUSE CVE-2024-42262
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it ...
SUSE CVE-2024-42263
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it by...
Reffers Crate Security Breach
Reffers Crate through 2020-12-01 for Rust A security vulnerability exists that stems from the fact that ARefss can contain a !Send,!Sync object, resulting in data contention and memory corruption...
IBM InfoSphere BigInsights SQL Component Unauthorized Access Vulnerability
IBM InfoSphere BigInsights is a set of software platform for storing and analyzing "big data" from IBM in the United States. The platform provides solutions for managing and analyzing massive amounts of structured and unstructured data.Big SQL is one of the SQL interface components. A security...