843 matches found
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free when processing multiple threads in the workerdecoder function in streamdecodermt.c. An attacker can cause the input buffer to be freed while a worker-specific thread is still writing to it, triggering a crash. Note: The...
SUSE CVE-2022-49759
In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmcidispatchdgs tasklet function calls vmcireaddata which uses waitevent resulting in invalid sleep in an atomic context and therefore potentially in a deadlock. Use threaded irqs t...
DEBIAN-CVE-2022-49759
In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmcidispatchdgs tasklet function calls vmcireaddata which uses waitevent resulting in invalid sleep in an atomic context and therefore potentially in a deadlock. Use threaded irqs t...
CVE-2022-49759
In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmcidispatchdgs tasklet function calls vmcireaddata which uses waitevent resulting in invalid sleep in an atomic context and therefore potentially in a deadlock. Use threaded irqs t...
UBUNTU-CVE-2022-49759
In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmcidispatchdgs tasklet function calls vmcireaddata which uses waitevent resulting in invalid sleep in an atomic context and therefore potentially in a deadlock. Use threaded irqs t...
CVE-2022-49759 VMCI: Use threaded irqs instead of tasklets
In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmcidispatchdgs tasklet function calls vmcireaddata which uses waitevent resulting in invalid sleep in an atomic context and therefore potentially in a deadlock. Use threaded irqs t...
CVE-2022-49759 VMCI: Use threaded irqs instead of tasklets
In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmcidispatchdgs tasklet function calls vmcireaddata which uses waitevent resulting in invalid sleep in an atomic context and therefore potentially in a deadlock. Use threaded irqs t...
CVE-2022-49759 VMCI: Use threaded irqs instead of tasklets
In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmcidispatchdgs tasklet function calls vmcireaddata which uses waitevent resulting in invalid sleep in an atomic context and therefore potentially in a deadlock. Use threaded irqs t...
CVE-2022-49759
The CVE-2022-49759 entry concerns the Linux kernel vmw_vmci/VMCI path: the vmci_dispatch_dgs() tasklet calls vmci_read_data(), which uses wait_event() and can sleep in atomic context, risking deadlock. The fix replaces tasklets with threaded IRQs and removes tasklets usage entirely. Impact center...
CVE-2022-49759
In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmcidispatchdgs tasklet function calls vmcireaddata which uses waitevent resulting in invalid sleep in an atomic context and therefore potentially in a deadlock. Use threaded irqs t...
Exploit for CVE-2025-30208
中文 | English Vite Dev Server Vulnerability...
Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to Slowloris HTTP DOS attack (CVE-2022-35639)
Summary IBM Sterling Partner Engagement Manager is vulnerable to Slowloris attack is a type of denial-of-service DoS attack which targets threaded web servers. The issue has been addressed. Vulnerability Details CVEID:CVE-2022-35639 DESCRIPTION: IBM Sterling Partner Engagement Manager do not limi...
Denial of Service (DoS)
Overview aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to Denial of Service DoS by sending a large number of requests to retrieve tracked metrics simultaneously. This excessive load results in uncontrolled resource consumpti...
GHSA-35P3-6J45-PRWM Aim Uncontrolled Resource Consumption vulnerability
A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service DoS attack. The issue arises when a large number of tracked metrics are retrieved simultaneously from the Aim web API, causing the web server to become unresponsive. The root cause is the lack of a limit on the number o...
GHSA-V5PJ-JRPV-H6G2 Aim vulnerable to Synchronous Access of Remote Resource without Timeout
A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service through the misuse of the sshfs-client. The tracking server, which is single-threaded, can be made unresponsive by requesting it to connect to an unresponsive socket via sshfs. The lack of an additional timeout setting ...
Aim vulnerable to Synchronous Access of Remote Resource without Timeout
A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service through the misuse of the sshfs-client. The tracking server, which is single-threaded, can be made unresponsive by requesting it to connect to an unresponsive socket via sshfs. The lack of an additional timeout setting ...
CVE-2024-12778
A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service DoS attack. The issue arises when a large number of tracked metrics are retrieved simultaneously from the Aim web API, causing the web server to become unresponsive. The root cause is the lack of a limit on the number o...
CVE-2024-12777 Denial of Service in aimhubio/aim
A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service through the misuse of the sshfs-client. The tracking server, which is single-threaded, can be made unresponsive by requesting it to connect to an unresponsive socket via sshfs. The lack of an additional timeout setting ...
CVE-2024-12778 Denial of Service in aimhubio/aim
A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service DoS attack. The issue arises when a large number of tracked metrics are retrieved simultaneously from the Aim web API, causing the web server to become unresponsive. The root cause is the lack of a limit on the number o...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
CVE-2025-24813-Exploit Apache Tomcat Remote Code Execution RC...