CVE-2022-37034

In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting the dotCMS server to download a large file. If done repeatedly, this will result in Tomcat request-thread exhaustion and ultimately a denial of any other requests...

CVE-2022-37034

In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting the dotCMS server to download a large file. If done repeatedly, this will result in Tomcat request-thread exhaustion and ultimately a denial of any other requests...

CVE-2022-37034

dotCMS 5.x-22.06 is affected by a denial-of-service condition when TempResource is called repeatedly to download large files, exhausting Tomcat request threads and denying other requests. The connected documents provide this description without including exploit details or a remediation. No other...

Vulnerability of the Server component: Thread Pooling in the MySQL Server database management system, which allows attackers to cause service interruptions.

The vulnerability of the Server: Thread Pooling component of the MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

sssd bug fix and enhancement update

An update is available for sssd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon SSSD service provides a set of daemons to...

glibc bug fix and enhancement update

An update is available for glibc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries libc, POSIX thread librarie...

[SECURITY] Fedora 36 Update: rust-1.66.1-1.fc36

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...

CVE-2023-24042

A race condition in LightFTP through 2.2 allows an attacker to achieve path traversal via a malformed FTP request. A handler thread can use an overwritten context-FileName...

Race condition

A vulnerability was found in oznetmaster SSharpSmartThreadPool. It has been classified as problematic. This affects an unknown part of the file SSharpSmartThreadPool/SmartThreadPool.cs. The manipulation leads to race condition within a thread. The complexity of an attack is rather high. The...

CVE-2015-10067

A CVE entry (CVE-2015-10067) concerns oznetmaster SSharpSmartThreadPool. The issue is a race condition within the file SSharpSmartThreadPool/SmartThreadPool.cs, affecting an unknown portion of the thread pool logic. The attack complexity is described as high and exploitability as difficult, with ...

CVE-2023-21874

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

UBUNTU-CVE-2023-21874

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

CVE-2023-21874

CVE-2023-21874 affects Oracle MySQL Server (Server: Thread Pooling). Affected versions are 8.0.30 and prior. Exploitation requires network access via multiple protocols by a high-privileged attacker and can cause partial denial of service to MySQL Server. The connected Nessus entries corroborate ...

GSD-2023-1001555 md/raid1: stop mdx_raid1 thread when raid1 array run failed

md/raid1: stop mdxraid1 thread when raid1 array run failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

GSD-2023-1001330 md/raid1: stop mdx_raid1 thread when raid1 array run failed

md/raid1: stop mdxraid1 thread when raid1 array run failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1001004 md/raid1: stop mdx_raid1 thread when raid1 array run failed

md/raid1: stop mdxraid1 thread when raid1 array run failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

GSD-2023-1000571 md/raid1: stop mdx_raid1 thread when raid1 array run failed

md/raid1: stop mdxraid1 thread when raid1 array run failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

PT-2023-34407 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.163 Description: A potential issue exists where the md/raid1 thread is not stopped when the raid1 array run fails. The actual impact and attack plausibility have not yet been proven. Recommendations: For...

PT-2023-33648 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: A potential issue exists where the md/raid1 thread is not stopped when the raid1 array run fails. The actual impact and attack plausibility have not yet been proven. Recommendations: For Lin...

PT-2023-33569 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.18 Description: A potential security issue has been identified in the THR handler related to Clear DFR errors. The actual impact and attack plausibility have not yet been proven. Recommendations: For versio...