67 matches found
GHSA-9RH9-HF3W-9FGG shopper/framework: Race condition on Discount.usage_limit allows silent over-redemption
Impact: CreateOrderFromCartAction::execute previously created the Order row before checking and incrementing the discount's totaluse counter. Under concurrent checkout pressure (Black Friday, flash sale, viral coupon), the global usage_limit was silently exceeded: orders were committed with the...
MiracleLinux 7 : libpng-1.5.13-8.el7 (AXSA:2020-552:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-552:01 advisory. libpng: does not check length of chunks against user limit (CVE-2017-12652). CVE-2017-12652: libpng before 1.6.32 does not properly check the length of chunks...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to fix various security issues. The following security issues were fixed: CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939). CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...
CVE-2025-64681
In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations...
CVE-2025-64682
In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit...
CVE-2025-64682
JetBrains Hub is affected by a race condition in versions prior to 2025.3.104432 that allows bypassing the Agent-user limit. The issue is described across multiple sources as a competitive/race condition vulnerability in Hub leading to bypass of Agent-user restrictions. The vulnerable component ...
EUVD-2025-44055
In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit...
CVE-2025-64681
JetBrains Hub before 2025.3.104992 is affected by a race condition that allows bypassing the user limit via invitations. This CVE (CVE-2025-64681) affects JetBrains Hub versions prior to 2025.3.104992 and is described across multiple feeds; exploitation status is not detailed in the provided docu...
EUVD-2025-44056
In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations...
PT-2025-46150
Name of the Vulnerable Software and Affected Versions: JetBrains Hub versions prior to 2025.3.104992. Description: A race condition existed that allowed bypassing the user limit through invitations. Recommendations: Update JetBrains Hub to version 2025.3.104992 or later...
EUVD-2017-4191
Malware in sbrugna...
CVE-2025-44653
In H3C GR2200 MiniGR1A0V100R016, the USERLIMIT_GLOBAL option is set to 0 in /etc/bftpd.conf. This can cause DoS attacks when unlimited users are connected...
CVE-2025-44650
In Netgear R7000 V1.3.1.6410.1.36 and EAX80 V1.0.1.701.0.2, the USERLIMIT_GLOBAL option is set to 0 in the bftpd.conf configuration file. This can cause DoS attacks when unlimited users are connected...