2485 matches found
CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
UBUNTU-CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
CVE-2026-28379 Viewer-triggered race condition in Grafana Live leads to complete server crash
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
CVE-2026-28379
Grafana Live contains a race condition that can be triggered by authenticated users with the Viewer role. Concurrent requests lead to a fatal map access error, causing complete Grafana server unavailability and requiring a restart. Public details are limited to the description; no explicit exploi...
CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
CVE-2026-28379 Viewer-triggered race condition in Grafana Live leads to complete server crash
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
CVE-2026-43484
A flaw was found in the Linux kernel's MultiMediaCard MMC core. Concurrent updates to bitfield flags, specifically 'claimed' and 'retunenow', can lead to unintended overwrites of other bits in asynchronous contexts. This can trigger spurious warnings and result in system instability or unexpected...
CVE-2026-39806 HTTP/1 chunked decoder infinite loop on requests with trailer fields in bandit
Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in mtrudel bandit allows unauthenticated remote denial of service via worker process exhaustion. 'Elixir.Bandit.HTTP1.Socket':doreadchunkeddata!/5 in lib/bandit/http1/socket.ex terminates only when the last-chunk line 0\r\n is...
freerdp: FreeRDP: Denial of service due to use-after-free vulnerability
A flaw was found in FreeRDP. A remote attacker could exploit a use-after-free vulnerability in the xfSetWindowMinMaxInfo function. This occurs when a freed window pointer is dereferenced because the main thread concurrently deletes a window while the Remote Desktop Protocol RAIL channel thread is...
Grafana OSS 安全漏洞
Grafana OSS is an open-source visualization dashboard developed by Grafana. There is a security vulnerability in Grafana OSS, which stems from a race condition in Live. This condition may allow authenticated users with the Viewer role to trigger a fatal mapping access error by sending concurrent...
Viewer-triggered race condition in Grafana Live leads to complete server crash
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
PT-2026-40784
Name of the Vulnerable Software and Affected Versions Grafana affected versions not specified Description A race condition in Grafana Live enables authenticated users with the Viewer role to cause a server crash. By sending concurrent requests, an attacker can trigger a fatal map access error,...
EUVD-2026-29590
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...
CVE-2026-43930
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.76 and 9.9.0-alpha.2, a race condition in the MFA SMS one-time password OTP login path allows two concurrent /login requests carrying the same OTP to both succeed and both receive...
CVE-2026-43930 Parse Server: MFA SMS one-time password accepted twice under concurrent login
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.76 and 9.9.0-alpha.2, a race condition in the MFA SMS one-time password OTP login path allows two concurrent /login requests carrying the same OTP to both succeed and both receive...
CVE-2026-43930 Parse Server: MFA SMS one-time password accepted twice under concurrent login
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.76 and 9.9.0-alpha.2, a race condition in the MFA SMS one-time password OTP login path allows two concurrent /login requests carrying the same OTP to both succeed and both receive...
CVE-2026-43930
CVE-2026-43930 affects Parse Server. A race condition in the MFA SMS OTP login path before 8.6.76 and 9.9.0-alpha.2 can allow two concurrent /login requests carrying the same OTP to succeed, producing two valid session tokens. Impact is breaking single-use OTP; attacker must already know the vict...
PT-2026-40154
Name of the Vulnerable Software and Affected Versions Windows TCP/IP affected versions not specified Description A race condition occurs due to concurrent execution using a shared resource with improper synchronization in Windows TCP/IP. This allows an authorized attacker to elevate privileges...