openSUSE 15 Security Update : libnbd (SUSE-SU-2022:2754-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:2754-1 advisory. - A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating th...

openSUSE 15 Security Update : libnbd (SUSE-SU-2022:2347-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:2347-1 advisory. - A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating th...

CVE-2023-22499

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the...

Code injection

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the...

CVE-2023-22499 Interactive permission prompt spoofing in Deno

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the...

Deno 竞争条件问题漏洞

Deno is open source a simple , modern and secure JavaScript and TypeScript runtime environment . It uses V8 and is built with Rust. Deno suffers from a Competing Conditions Issue vulnerability that arises when a multi-threaded program can spoof an interactive permission prompt by rewriting the...

CVE-2022-1097

NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird 91.8, Firefox 99, and Firefox ESR 91.8...

[SECURITY] Fedora 35 Update: mariadb-10.5.18-1.fc35

MariaDB is a community developed fork from MySQL - a multi-user, multi-thread ed SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs...

PT-2025-13301

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.0-0.rc8.20220727git39c3c396f813.60.fc37.aarch64 Description The issue arises from the vmci dispatch dgs tasklet function calling vmci read data, which uses wait event and results in an invalid sleep in an...

mysql:8.0 security, bug fix, and enhancement update

An update is available for mecab-ipadic, mecab, mysql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MySQL is a multi-user, multi-threaded SQL database server...

RLSA-2022:7119 Moderate: mysql:8.0 security, bug fix, and enhancement update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.30. Security Fixes: mysql: Server: DML multiple unspecified...

PartyLoud - A Simple Tool To Generate Fake Web Browsing And Mitigate Tracking

PartyLoud is a highly configurable and straightforward free tool that helps you prevent tracking directly from your linux terminal, no special skills required. Once started, you can forget it is running. It provides several flags; each flag lets you customize your experience and change PartyLoud...

[SECURITY] Fedora 37 Update: kitty-0.26.3-2.fc37

Offloads rendering to the GPU for lower system load and buttery smooth scrolling. Uses threaded rendering to minimize input latency. - Supports all modern terminal features: graphics images, unicode, true-col or, OpenType ligatures, mouse protocol, focus tracking, bracketed paste and several new...

PT-2022-7437 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the request threaded irq function in the gpiolib component of the Linux kernel, which can cause a repeated release of memory, potentially leading to a denial of...

Moderate: mysql security, bug fix, and enhancement update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.30. BZ2122589 Security Fixes: mysql: Server: Optimizer multiple...

CVE-2022-22097

Memory corruption in graphic driver due to use after free while calling multiple threads application to driver. in Snapdragon Consumer IOT...

DEBIAN-CVE-2022-0485

A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the error parameter. This could result in the silent creation of a...

Command injection

A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the error parameter. This could result in the silent creation of a...

UBUNTU-CVE-2022-0485

A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the error parameter. This could result in the silent creation of a...

CVE-2022-0485

CVE-2022-0485 affects the libnbd nbdcopy tool. The root cause is that during multi-threaded copies, asynchronous nbd command completions were treated as success without validating the error parameter, which could silently corrupt the destination image. No explicit patch/version information or exp...