1070 matches found
Malicious code in noblox.js-threads (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff6e7081bd0620aa9d7475eb55589362075317d25dceecf4c6df7ce2230ce28e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE CVE-2024-27267
The Object Request Broker ORB in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads...
riscv: prevent pt_regs corruption for secondary idle threads
...
CVE-2024-27267 IBM SDK, Java Technology Edition denial of service
The Object Request Broker ORB in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads...
CVE-2024-27267 IBM SDK, Java Technology Edition denial of service
The Object Request Broker ORB in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads...
PT-2024-21783 · Ibm +3 · Ibm Sdk +4
Name of the Vulnerable Software and Affected Versions: IBM SDK, Java Technology Edition versions 7.1.0.0 through 7.1.5.18 IBM SDK, Java Technology Edition versions 8.0.0.0 through 8.0.8.26 Description: The Object Request Broker ORB in IBM SDK, Java Technology Edition is vulnerable to remote denia...
kernel: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats
A vulnerability was found in the dotaskstat function in the Linux kernel, where due to excessive lock contention, a potential hard lockup could be created. This can create a performance bottleneck and lead to kernel unresponsiveness...
SUSE CVE-2024-42245
In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task" This reverts commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. b0defa7ae03ec changed the load balancing logic to ignore env.maxloop if all tasks examined to...
CVE-2024-42245
In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task" This reverts commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. b0defa7ae03ec changed the load balancing logic to ignore env.maxloop if all tasks examined to...
CVE-2024-39510 cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read()
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefilesondemanddaemonread We got the following issue in a fuzz test of randomly issuing the restore command: ================================================================== BUG: KASAN:...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential data contention issue in the iouring/io-wq component when handling worker threads...
This Week in Spring - July 9th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! And what a week it's been! We've got a lot to get into, so let's dive right in. I quite liked this talk, Continuations: The magic behind virtual threads in Java by Balkrishna Rawool @ Spring I/O 2024 In last week's episode of...
Exploit for Path Traversal in Splunk
CVE-2024-36991: Path traversal that affects Splunk Enterprise...
This Week in Spring - July 2nd, 2024
Hi, spring fans! Welcome to another amazing installment of This Week in Spring! In last week's installment of A Bootiful Podcast, recorded a few weeks ago at Spring IO, I talked with Spring Security legend Laur Spilca In last week's installment of Spring Tips, I looked at a number of ways you cou...
Exploit for CVE-2024-27292
CVE-2024-27292 : Docassemble V1.4.96 Unauthenticated Path Trav...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed a race condition between direct IO writes and fsync operations when using the same file descriptor. If we have two threads that use the same file descriptor, and one of them performs direct IO writes while the other...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: “riscv”: prevents corruption of pt regs for secondary idle threads. The top of the kernel thread stack should be reserved for pt regs. However, this is not the case for the idle threads of the secondary boot harts. Their stacks...
SUSE CVE-2024-38667
In the Linux kernel, the following vulnerability has been resolved: riscv: prevent ptregs corruption for secondary idle threads Top of the kernel thread stack should be reserved for ptregs. However this is not the case for the idle threads of the secondary boot harts. Their stacks overlap with...
Malicious code in airbrake-notifying_threads (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
AZL-42901 CVE-2024-38667 affecting package kernel for versions less than 6.6.35.1-4
In the Linux kernel, the following vulnerability has been resolved: riscv: prevent ptregs corruption for secondary idle threads Top of the kernel thread stack should be reserved for ptregs. However this is not the case for the idle threads of the secondary boot harts. Their stacks overlap with...