UBUNTU-CVE-2020-36329

A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

Gssapi Gssproxy Security Vulnerabilities

Gssapi Gssproxy is a C-based implementation of a GSS-API protocol-compliant proxy for the Gssapi personal developer. A security vulnerability exists in gssproxy aka gss-proxy before 0.8.3, which stems from not unlocking the cond mutex lock before the pthread in gp worker main exits...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in thex crate for Rust versions 2020-12-08 and earlier, which stems from thex allowing cross-thread data contention for non-sending types. No details of the vulnerability are...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in versions prior to Rust magnetic crate 2.0.1 that stems from MPMCConsumer and MPMCProducer allowing cross-threaded sends of non-sending types. No details of the vulnerability ar...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust futures-intrusive crate versions prior to 0.4.0 that stems from GenericMutexGuard allowing unsynchronized types of cross-thread data contention. No details of the...

Rust Competition Condition Problem Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Rust arr crate through 2020-08-25 A security vulnerability can be exploited to allow an attacker to smuggle asynchronous send types across thread boundaries, leading to data contention...

Emotet Returns to Hit 100K Mailboxes Per Day

After a lull of nearly two months, the Emotet botnet has returned with updated payloads and a campaign that is hitting 100,000 targets per day. Emotet started life as a banking trojan in 2014 and has continually evolved to become a full-service threat-delivery mechanism. It can install a collecti...

RUSTSEC-2020-0114 `Demuxer` can carry non-Send types across thread boundaries

In the affected versions of this crate, Demuxer unconditionally implemented Send with no trait bounds on T. This allows sending a non-Send type T across thread boundaries, which can cause undefined behavior like unlocking a mutex from a thread that didn't lock the mutex, or memory corruption from...

`Demuxer` can carry non-Send types across thread boundaries

In the affected versions of this crate, Demuxer unconditionally implemented Send with no trait bounds on T. This allows sending a non-Send type T across thread boundaries, which can cause undefined behavior like unlocking a mutex from a thread that didn't lock the mutex, or memory corruption from...

0D1N v3.4 - Tool For Automating Customized Attacks Against Web Applications (Full Made In C Language With Pthreads, Have A Fast Performance)

0d1n is a tool for automating customized attacks against web applications. This tool is very faster because uses thread pool and C language. 0d1n is a tool for automating customized attacks against web applications. Video demo: Tool functions: Brute force login and passwords in auth forms Directo...

RUSTSEC-2020-0108 Soundness issue: Input<R> can be misused to create data race to an object

Input implements Send without requiring R: Send. Affected versions of this crate allows users to send non-Send types to other threads, which can lead to undefined behavior such as data race and memory corruption. The flaw was corrected in version 0.5.1 by adding R: Send bound to the Send impl of...

UBUNTU-CVE-2020-29568

An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OO...

CVE-2020-29568

An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OO...

CVE-2020-29568

An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OO...

MvccRwLock allows data races & aliasing violations

Affected versions of this crate unconditionally implement Send/Sync for MvccRwLock. This can lead to data races when types that are either !Send or !Sync e.g. Rc, Arc are contained inside MvccRwLock and sent across thread boundaries. The data races can potentially lead to memory corruption as...

RUSTSEC-2020-0139 dces' World type can cause data races

The World type in dces is marked as Send without bounds on its EntityStore and ComponentStore. This allows non-thread safe EntityStore and ComponentStores to be sent across threads and cause data races...

dces' World type can cause data races

The World type in dces is marked as Send without bounds on its EntityStore and ComponentStore. This allows non-thread safe EntityStore and ComponentStores to be sent across threads and cause data races...

RUSTSEC-2020-0090 Thex<T> allows data races of non-Send types across threads

thex::Thex implements Sync for all types T. However, it is missing a bound for T: Send. This allows non-Send types such as Rc to be sent across thread boundaries which can trigger undefined behavior and memory corruption...

RUSTSEC-2020-0104 ImageChunkMut needs bounds on its Send and Sync traits

In the affected versions of this crate, ImageChunkMut unconditionally implements Send and Sync, allowing to create data races. This can result in a memory corruption or undefined behavior when non thread-safe types are moved and referenced across thread boundaries. The flaw was corrected in commi...

ImageChunkMut needs bounds on its Send and Sync traits

In the affected versions of this crate, ImageChunkMut unconditionally implements Send and Sync, allowing to create data races. This can result in a memory corruption or undefined behavior when non thread-safe types are moved and referenced across thread boundaries. The flaw was corrected in commi...