Denial Of Service (DoS)

libvirt.so is vulnerable to Denial of Service. The vulnerability exists in virStoragePoolObjListSearch of virstorageobj.c because it tries to lock the same item from another thread, which causes an application crash...

SUSE: Security Advisory (SUSE-SU-2023:2957-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-2626

There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packe...

Google Nest 授权问题漏洞

Google Nest is a smart home product by Google, an American company. Google Nest has a security vulnerability. The vulnerability allows unauthenticated nodes to forge radio frames using "Key ID Mode 2", a special mode that uses a static encryption key to bypass security checks, allowing arbitrary ...

CVE-2023-3603

A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being checked for failure. This will likely crash the authenticat...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-6185-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6185-1 advisory. It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial ...

Blackbone - Windows Memory Hacking Library

Windows memory hacking library Features x86 and x64 support Process interaction Manage PEB32/PEB64 Manage process through WOW64 barrier Process Memory Allocate and free virtual memory Change memory protection Read/Write virtual memory Process modules Enumerate all 32/64 bit modules loaded...

Red Hat libvirt 安全漏洞

Red Hat libvirt is a Linux API for implementing Linux virtualization features from Red Hat, Inc. that supports a variety of Hypervisors, including Xen and KVM, as well as QEMU and a number of virtual products for other operating systems. A security vulnerability exists in Red Hat libvirt that ste...

CVE-2022-48509

Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally...

Race condition

Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally...

CVE-2022-48509

CVE-2022-48509 describes a race condition in Huawei Share within Huawei HarmonyOS caused by multi-thread access to mutually exclusive resources. The vulnerability may cause the affected program to exit abnormally if exploited. Based on available sources, the issue is a race condition with impact ...

CVE-2022-48509

Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally...

CVE-2022-48509

Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally...

A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to memory corruption. An attacker can create threads to trigger this vulnerability.

...

Mattermost Access Control Error Vulnerability (CNVD-2023-55043)

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an Access Control Error vulnerability that stems from not checking the identity of a channel member when accessing a message thread, which can be exploited by an attacker to...

CVE-2023-2787

Mattermost fails to check channel membership when accessing message threads, allowing an attacker to access arbitrary posts by using the message threads API...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rekor (SUSE-SU-2023:2515-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2515-1 advisory. - updated to rekor 1.2.1 jscSLE-23476: - CVE-2023-33199: Fixed that malformed proposed intoto v0.0.2...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an Access Control Error vulnerability that stems from not checking the identity of a channel member when accessing a message thread, which can be exploited by an attacker to...

CVE-2023-3218

Race Condition within a Thread in GitHub repository it-novum/openitcockpit prior to 4.6.5...

Race condition

Race Condition within a Thread in GitHub repository it-novum/openitcockpit prior to 4.6.5...