CVE-2021-28951

An issue was discovered in fs/iouring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service deadlock because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25...

Linux kernel 安全漏洞

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in fs/iouring.c in Linux kernel 5.11.8 and earlier. The vulnerability stems...

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.6 (RHSA-2021:0873)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0873 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client

A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code,...

jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client

A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code,...

Race condition

Race Condition within a Thread vulnerability in iscsisnapshotcommcore in Synology DiskStation Manager DSM before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via crafted web requests...

CVE-2021-26569

Race Condition within a Thread vulnerability in iscsisnapshotcommcore in Synology DiskStation Manager DSM before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via crafted web requests...

The vulnerability of Intel Graphics Driver drivers, related to errors in managing the execution thread, allows attackers to gain increased privileges.

The vulnerability of Intel Graphics Drivers’ drivers is related to errors in managing the execution thread. Exploiting this vulnerability can allow attackers to gain increased privileges...

glibc bug fix and enhancement update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Bug Fixes and Enhancement...

CVE-2021-22303

There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1C00E1R1P1. There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising...

CVE-2021-22303

There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1C00E1R1P1. There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising...

Double free

There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1C00E1R1P1. There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising...

CVE-2021-22303

The CVE-2021-22303 entry concerns Huawei Taurus-AL00A smartphone running 10.0.0.1 (C00E1R1P1). The vulnerability is a pointer double free caused by lack of multi-thread reentry protection when a function is called, potentially enabling a crash of the affected module and disruption of normal servi...

Friday Squid Blogging: Live Giant Squid Found in Japan

A giant squid was found alive in the port of Izumo, Japan. Not a lot of news, just this Twitter thread with a couple of videos. If confirmed, I believe this will be the THIRD time EVER a giant squid was filmed alive! As usual, you can also use this squid post to talk about the security stories in...

OESA-2021-1031 freeradius security update

Remote Authentication Dial-In User Service RADIUS is a networking protocol that provides centralized Authentication, Authorization, and Accounting AAA or Triple A management for users who connect and use a network service.\r\n\r\n Security Fixes:\r\n\r\n In FreeRADIUS 3.0 through 3.0.19, on avera...

Huawei Taurus-AL00A 资源管理错误漏洞

The Huawei Taurus-AL00A is a smartphone from the Chinese company Huawei Huawei. A security vulnerability exists in Huawei Taurus-AL00A version 10.0.0.1 C00E1R1P1. The vulnerability stems from the program not setting multi-thread reentry protection when calling a function. An attacker can exploit...

CVE-2021-21293

blaze is a Scala library for building asynchronous pipelines, with a focus on network IO. All servers running blaze-core before version 0.14.15 are affected by a vulnerability in which unbounded connection acceptance leads to file handle exhaustion. Blaze, accepts connections unconditionally on a...

Moderate: Red Hat Security Advisory: glibc security and bug fix update

An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Web-Brutator - Modular Web Interfaces Bruteforcer

Fast Modular Web Interfaces Bruteforcer Install python3 -m pip install -r requirements.txt Usage $ python3 web-brutator.py -h . / \ / \ \ | \ \ / | / | \ // // | \ | | /\ \ | \ \ \ \ / \ \ \ /\ /| \ \ // | | \ | | / | /| | / | | | / /\ / \ / | / || |/ || /| /|| / / / / / Version 0.2...

MyBB Thread Redirect 0.2.1 Cross Site Scripting

Exploit Title: MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting Date: 7/23/2018 Author: 0xB9 Software Link: https://github.com/jamiesage123/Thread-Redirect Version: 0.2.1 Tested on: Windows 10 1. Description: This plugin allows threads to redirect to a URL with optional custom text. The...