375 matches found
EUVD-2025-206605
Memory Corruption when multiple threads simultaneously access a memory free API...
MiracleLinux 4 : abrt-2.0.8-26.0.1.AXS4, libreport-2.0.9-21.0.1.AXS4 (AXBA:2014-792:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXBA:2014-792:01 advisory. - LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to...
[SECURITY] Fedora 43 Update: python-urllib3-2.6.3-1.fc43
urllib3 is a powerful, user-friendly HTTP client for Python. urllib3 brings many critical features that are missing from the Python standard libraries: =E2=80=A2 Thread safety. =E2=80=A2 Connection pooling. =E2=80=A2 Client-side SSL/TLS verification. =E2=80=A2 File uploads with multipart encoding...
CVE-2008-6549
The passwordchecker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service segmentation fault and crash via unknown vectors...
CVE-2025-14017
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
AZL-73740 CVE-2025-14017 affecting package cmake for versions less than 3.21.4-21
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
AZL-73736 CVE-2025-14017 affecting package cmake for versions less than 3.30.3-11
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
AZL-73676 CVE-2025-14017 affecting package curl for versions less than 8.11.1-5
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
AZL-73743 CVE-2025-14017 affecting package curl for versions less than 8.8.0-8
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
CVE-2025-14017 broken TLS options for threaded LDAPS
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
CVE-2025-14017
CVE-2025-14017 (libcurl/curl) : In multi-threaded LDAPS transfers, changing TLS options in one thread can affect globally, impacting other concurrently configured transfers. This cross-thread side effect may also cause a per-transfer certificate verification setting to inadvertently disable featu...
CVE-2025-14017 broken TLS options for threaded LDAPS
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
CVE-2025-14017 broken TLS options for threaded LDAPS
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
CVE-2025-14017
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
broken TLS options for threaded LDAPS
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
CVE-2023-54015
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Devcom, fix error flow in mlx5devcomregisterdevice In case devcom allocation is failed, mlx5 is always freeing the priv. However, this priv might have been allocated by a different thread, and freeing it might lead to...
regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex
...
UBUNTU-CVE-2023-54015
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Devcom, fix error flow in mlx5devcomregisterdevice In case devcom allocation is failed, mlx5 is always freeing the priv. However, this priv might have been allocated by a different thread, and freeing it might lead to...
CVE-2025-68354
In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...
PT-2025-52972
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the net/mlx5 component, specifically in the mlx5 devcom register device function. A use-after-free condition can occur if devcom allocation fails,...