Lucene search
K

126 matches found

Cvelist
Cvelist
added 2022/10/20 5:50 a.m.40 views

CVE-2022-27626

A vulnerability regarding concurrent execution using shared resource with improper synchronization 'Race Condition' is found in the session processing functionality of Out-of-Band OOB Management. This allows remote attackers to execute arbitrary commands via unspecified vectors. The following...

10CVSS10AI score0.00984EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/09/14 12:0 a.m.6 views

The vulnerability of the OverlayFS subsystem in Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the OverlayFS subsystem in Linux operating systems is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.7CVSS6.8AI score0.00213EPSS
Exploits0References8Affected Software3
OSV
OSV
added 2022/05/17 5:47 a.m.31 views

GHSA-HW4G-FHCP-X5MQ Concurrent Execution using Shared Resource with Improper Synchronization in pyftpdlib

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected value of None for the address, or ...

8.7CVSS7.4AI score0.01582EPSS
Exploits0References15
Github Security Blog
Github Security Blog
added 2022/05/17 5:47 a.m.51 views

Concurrent Execution using Shared Resource with Improper Synchronization in pyftpdlib

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected value of None for the address, or ...

4.3CVSS4AI score0.01582EPSS
Exploits0References14Affected Software1
OSV
OSV
added 2022/05/17 4:59 a.m.24 views

GHSA-4644-HG35-55M9 Concurrent Execution using Shared Resource with Improper Synchronization in Spring Security

Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows attackers to gain privileges via a crafted thread...

5.1CVSS6.4AI score0.01246EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/17 4:59 a.m.30 views

Concurrent Execution using Shared Resource with Improper Synchronization in Spring Security

Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows attackers to gain privileges via a crafted thread...

5.1CVSS6.8AI score0.01246EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/14 1:10 a.m.36 views

Concurrent Execution using Shared Resource with Improper Synchronization in Apache Tomcat

A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn...

7.5CVSS7.6AI score0.16038EPSS
Exploits0References53Affected Software1
OSV
OSV
added 2022/05/02 4:0 a.m.44 views

GHSA-MPG6-RGP4-35RR Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.1 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, a different...

6.3CVSS6.1AI score0.01364EPSS
Exploits0References13
OSV
OSV
added 2022/05/02 4:0 a.m.29 views

GHSA-62XG-239J-VXG7 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerabilit...

6.3CVSS6.1AI score0.00934EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2022/05/02 4:0 a.m.37 views

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerabilit...

4.3CVSS5.4AI score0.00934EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2021/12/08 6:46 p.m.28 views

CVE-2021-41025

Multiple vulnerabilities in the authentication mechanism of confd in FortiWeb versions 6.4.1, 6.4.0, 6.3.0 through 6.3.15, 6.2.0 through 6.2.6, 6.1.0 through 6.1.2, 6.0.0 thorugh 6.0.7, including an instance of concurrent execution using shared resource with improper synchronization and one of...

7.3CVSS9.9AI score0.01445EPSS
Exploits0References1
Talos
Talos
added 2021/11/09 12:0 a.m.23 views

Microsoft Azure Sphere Pluton concurrent syscalls denial of service vulnerability

Summary A denial of service vulnerability exists in the Pluton syscalls functionality of Microsoft Azure Sphere 21.01, 21.06 and 21.07. A specially-crafted set of syscalls executed in parallel by an unprivileged process can lead to the crash of Pluton, resulting in a device reboot denial of...

7.6AI score
Exploits0
NVD
NVD
added 2021/11/02 6:15 p.m.36 views

CVE-2021-36181

A concurrent execution using shared resource with improper Synchronization vulnerability 'Race Condition' in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific...

3.5CVSS0.00436EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/11/02 5:22 p.m.12 views

CVE-2021-36181

A concurrent execution using shared resource with improper Synchronization vulnerability 'Race Condition' in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific...

3.1CVSS6.9AI score0.00436EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/11/02 5:22 p.m.42 views

CVE-2021-36181

A concurrent execution using shared resource with improper Synchronization vulnerability 'Race Condition' in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific...

3.1CVSS4.4AI score0.00436EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2021/11/02 7:46 a.m.12 views

iptables bug fix and enhancement update

An update is available for iptables. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The iptables utility controls the network packet filtering code in the Linux...

1.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/10/29 12:0 a.m.7 views

The vulnerability relates to the SAPI extension of the PHP-FPM process runner, which is a PHP programming language interpreter. This vulnerability allows attackers to elevate their privileges to root.

The vulnerability of the SAPI extension for the PHP-FPM process interpreter involves access control issues when the processes are executed simultaneously. Exploiting this vulnerability can allow an attacker to gain elevated privileges to root...

7.8CVSS6.6AI score0.01337EPSS
Exploits1References19Affected Software6
GitLab Advisory Database
GitLab Advisory Database
added 2021/08/13 12:0 a.m.42 views

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multip...

5.9CVSS6.7AI score0.01522EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2021/07/09 7:15 p.m.21 views

Race condition

A concurrent execution using shared resource with improper synchronization 'race condition' in the command shell of FortiSandbox before 3.2.2 may allow an authenticated attacker to bring the system into an unresponsive state via specifically orchestrated sequences of commands...

6.3CVSS5.4AI score0.00503EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2021/07/09 6:26 p.m.14 views

CVE-2020-29014

A concurrent execution using shared resource with improper synchronization 'race condition' in the command shell of FortiSandbox before 3.2.2 may allow an authenticated attacker to bring the system into an unresponsive state via specifically orchestrated sequences of commands...

6.3CVSS7.2AI score0.00503EPSS
Exploits0References1
Rows per page
Query Builder