
1059 matches found

Code423n4
added 2021/10/26 12:0 a.m., 8 views

Anyone can extend withdraw wait period by depositing zero collateral

Handle: harleythedog. Vulnerability details. Impact: In MochiVault.sol, the deposit function allows anyone to deposit collateral into any position. A malicious user can call this function with amount = 0, which would reset the amount of time the owner has to wait before they can withdraw their...

AI score: 6.8
Exploits: 0
OSV
added 2021/06/30 11:15 a.m., 1 view

ALPINE-CVE-2021-28692

inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPUs issuing such commands. In the current implementation in Xen, asynchronous notification of the completion of such commands is not used. Instead, the issuing CPU...

CVSS: 7.1, AI score: 7, EPSS: 0.00284
Exploits: 0, References: 1
OSV
added 2021/05/31 3:39 p.m., 5 views

UVI-2021-1000430 Drivers: hv: vmbus: Increase wait time for VMbus unload

Drivers: hv: vmbus: Increase wait time for VMbus unload This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.119 by commit...

AI score: 7.2
Exploits: 0
OSV
added 2021/05/31 3:39 p.m., 12 views

GSD-2021-1000430 Drivers: hv: vmbus: Increase wait time for VMbus unload

Drivers: hv: vmbus: Increase wait time for VMbus unload This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.119 by commit...

AI score: 7.2
Exploits: 0
OSV
added 2021/05/31 3:39 p.m., 13 views

GSD-2021-1000277 Drivers: hv: vmbus: Increase wait time for VMbus unload

Drivers: hv: vmbus: Increase wait time for VMbus unload This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...

AI score: 7.2
Exploits: 0
OSV
added 2021/04/13 7:15 p.m., 2 views

CVE-2021-27603

An RFC enabled function module SPI_WAIT_MILLIS in SAP NetWeaver AS ABAP, versions - 731, 740, 750, allows to keep a work process busy for any length of time. An attacker could call this function module multiple times to block all work processes thereby causing Denial of Service and affecting the...

CVSS: 6.5, AI score: 6.7, EPSS: 0.00862
Exploits: 0, References: 2
OSV
added 2021/03/20 8:15 p.m., 1 view

UBUNTU-CVE-2021-28951

An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25...

CVSS: 5.5, AI score: 6.6, EPSS: 0.00279
Exploits: 0, References: 5
CNNVD
added 2020/12/15 12:0 a.m., 5 views

Google Asylo Buffer Error Vulnerability

Google Asylo is a framework for developing trusted applications from Google Inc. in the United States. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation. A security vulnerability exists in Google Asylo version 0.6.0 and...

CVSS: 5.3, AI score: 5.9, EPSS: 0.00128
Exploits: 0, References: 2
RedHat Linux
added 2020/09/22 11:42 a.m., 588 views

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

CVSS: 5.3, AI score: 6.4, EPSS: 0.07291
Exploits: 5, References: 2
ATTACKERKB
added 2020/08/24 10:15 p.m., 4 views

CVE-2020-24613

wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_CR state, within SanityCheckTls13MsgReceived in tls13.c. This is an incorrect implementation of the TLS 1.3 client state machine. This allows attackers in a privileged network position to completely impersonate any TLS 1.3 servers...

CVSS: 6.8, AI score: 5.4, EPSS: 0.00861
Exploits: 1, References: 3
CNVD
added 2020/02/27 12:0 a.m., 2 views

Linux kernel out-of-bounds read vulnerability (CNVD-2020-14290)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in set_fdc in drivers/block/floppy.c in Linux kernel 5.5.6 and earlier. An attacker can exploit this vulnerability to cause...

CVSS: 7.1, AI score: 6.5, EPSS: 0.00731
Exploits: 0, References: 1
OSV
added 2020/02/25 4:15 p.m., 1 view

DEBIAN-CVE-2020-9383

An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2...

CVSS: 7.1, AI score: 6.2, EPSS: 0.00731
Exploits: 0, References: 1
OSV
added 2020/02/25 4:15 p.m., 1 view

UBUNTU-CVE-2020-9383

An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2...

CVSS: 7.1, AI score: 6.6, EPSS: 0.00731
Exploits: 0, References: 8
OSV
added 2020/02/06 4:34 p.m., 7 views

SUSE-SU-2020:0353-1 Security update for systemd

This update for systemd provides the following fixes: - CVE-2020-1712 bscbsc1162108 Fix a heap use-after-free vulnerability, when asynchronous Polkit queries were performed while handling Dbus messages. A local unprivileged attacker could have abused this flaw to crash systemd services or...

CVSS: 7.8, AI score: 7.8, EPSS: 0.0046
Exploits: 0, References: 16
OSV
added 2020/01/31 12:0 a.m., 1 view

UBUNTU-CVE-2020-1700

A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of service condition by...

CVSS: 6.5, AI score: 7, EPSS: 0.02488
Exploits: 0, References: 3
OSV
added 2019/11/18 6:15 a.m., 1 view

UBUNTU-CVE-2019-19073

Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout failures. This affects the htc_config_pipe_credits function, the htc_setup_complete function, and the...

CVSS: 4, AI score: 6.7, EPSS: 0.00533
Exploits: 0, References: 5
Kitploit
added 2019/04/29 9:34 p.m., 91 views

ScanQLi - Scanner To Detect SQL Injection Vulnerabilities

ScanQLi is a simple SQL injection scanner with some additional features. This tool can't exploit the SQLi, it just detects them. Tested on Debian 9. Features: Classic, Blind, Time based, GBK (soon), Recursive scan (follow all hrefs of the scanned web site), Cookies integration, Adjustable wait delay between...

AI score: 8.4
Exploits: 0, References: 1
Positive Technologies
added 2019/04/05 12:0 a.m., 3 views

PT-2019-12079 · Salicru · Slc-20-Cube3

Name of the Vulnerable Software and Affected Versions: Salicru SLC-20-cube35 devices running firmware version cs121-SNMP v4.54.82.130611 Description: A reflected HTML injection issue allows remote attackers to inject arbitrary HTML elements via specific API endpoints, including /DataLog.csv?log=,...

CVSS: 6.1, AI score: 6.5, EPSS: 0.05817
Exploits: 5, References: 4
OSV
added 2018/11/12 4:29 p.m., 2 views

CVE-2018-1786

IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871...

CVSS: 7.5, AI score: 5.8, EPSS: 0.02425
Exploits: 0, References: 3
RedHat Linux
added 2018/04/10 3:23 p.m., 3 views

kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c

A flaw was found in the Linux kernel's handling of fork failure when dealing with event messages in the userfaultfd code. Failure to fork correctly can create a fork event that will be removed from an already freed list of events...

CVSS: 9.3, AI score: 7, EPSS: 0.04102
Exploits: 0, References: 4