CVE-2023-21281

Summary (concrete details from connected docs): CVE-2023-21281 affects the Android Framework, specifically the KeyguardViewMediator.java logic, where a flaw can cause a failure to lock after screen timeout. This enables local elevation of privilege across users with no additional execution privil...

CVE-2023-21281

In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. This could lead to local escalation of privilege across users with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-21281

In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. This could lead to local escalation of privilege across users with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-38741

IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force...

CVE-2023-38741

IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force...

Design/Logic Flaw

IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force...

CVE-2023-38741

IBM TXSeries for Multiplatforms versions 8.1, 8.2, and 9.1 are vulnerable to a denial-of-service due to improper enforcement of timeouts on individual read operations, enabling slowloris-type attacks. The base CVSS score is 7.5 ( NETWORK, LOW complexity, NONE privileges, HIGH impact on availabili...

CVE-2023-38741 IBM TXSeries for Multiplatforms denial of service

IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force...

StoreFront service status down after NetScaler HA failover

The customer triggered NetScaler HA failover, in the new Primary node, StorefrontSF service status show down with Monitor connection Timeout error...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in the multiple method code of KeyguardViewMediator.java, where the screen may not lock after a timeout. An attacker can...

IBM TXSeries for Multiplatforms 安全漏洞

IBM TXSeries for Multiplatforms is a transaction monitoring and management software product from International Business Machines IBM designed to support distributed transaction processing on multiple platforms. A denial of service vulnerability exists in IBM TXSeries for Multiplatforms versions...

GHSA-7VXC-Q7RV-QFJ8 SUCHMOKUO node-worker-threads-pool denial of service Vulnerability

An issue was discovered in StaticPool in SUCHMOKUO node-worker-threads-pool version 1.4.3 that allows attackers to cause a denial of service. This can be mitigated by manually creating a timeout. For example: ts const StaticPool = require"node-worker-threads-pool"; const staticPool = new...

PT-2023-6913 · Ibm · Ibm Txseries For Multiplatforms

Name of the Vulnerable Software and Affected Versions: IBM TXSeries for Multiplatforms versions 8.1 through 9.1 Description: The issue is related to a denial of service caused by improper enforcement of the timeout on individual read operations. A remote attacker could exploit this by conducting...

User can't redeem from RToken based on CurveStableRTokenMetapoolCollateral when any underlying collateral of paired RToken's price oracle is offline(timeout)

Lines of code Vulnerability details The CurveStableMetapoolCollateral is intended for 2-fiattoken stable metapools that involve RTokens, such as eUSD-fraxBP. The metapoolToken coin0 is pairedToken, which is also a RToken, and the coin1 is lpToken, e.g. 3CRV. And the...

ASB-A-265431505

In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. This could lead to local escalation of privilege across users with no additional execution privileges needed. User interaction is not needed for...

Azure MCS catalog update fails with FailedToStartImagePreparationVm - CreateUpdateVm-1 timed out

Unable to update a machine catalog for an Azure hosted MCS deployment. The MCS process fails early about 15% into the update The error message shows "Error - Terminated", and the action name is "MCUpdateMachineCatalog" The full stack trace is similar to this : TerminatedStack Trace: at...

July 25, 2023—KB5028244 (OS Build 19045.3271) Preview

July 25, 2023—KB5028244 OS Build 19045.3271 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...

CVE-2023-34462

A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per...

Citrix Cloud - Setting admin timeouts in Citrix Cloud portal

Requirement to know what the current timeout limit is when using Citrix Cloud and if it is possible to change the limit with regards to a Cloud Studio Admin session. Need to be able to force the user to have to login again after a certain amount of time...

CVE-2023-34450 CometBFT PeerState JSON serialization deadlock

CometBFT is a Byzantine Fault Tolerant BFT middleware that takes a state transition machine and replicates it on many machines. An internal modification made in versions 0.34.28 and 0.37.1 to the way struct PeerState is serialized to JSON introduced a deadlock when new function MarshallJSON is...