2487 matches found
GNU C Library 安全漏洞
The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions 2.36 and 2.35 of the GNU C Library contain security vulnerabilities. These vulnerabilities arise from the use of the memcmp function in the nscd client, where inpu...
CVE-2026-31824
Sylius is an Open Source eCommerce Framework on Symfony. A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects the promotion usage limit the global used counter on Promotion entities, coupon usage limi...
CVE-2026-31824 Sylius has a Promotion Usage Limit Bypass via Race Condition
Sylius is an Open Source eCommerce Framework on Symfony. A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects the promotion usage limit the global used counter on Promotion entities, coupon usage limi...
GO-2026-4586 OliveTin has unauthenticated DoS via concurrent map writes in OAuth2 state handling in github.com/OliveTin/OliveTin
OliveTin has unauthenticated DoS via concurrent map writes in OAuth2 state handling in github.com/OliveTin/OliveTin. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...
OESA-2026-1511 python-django security update
A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker ...
OESA-2026-1509 python-django security update
A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker ...
OESA-2026-1508 python-django security update
A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker ...
BIT-DJANGO-2026-25674 Potential incorrect permissions on newly created file system objects
An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file system objects to be created with incorrect permissions via concurrent requests, where one thread's...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Next.js RCE Scanner !Licensehttps://img.sh...
CVE-2026-28789
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin’s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map,...
EUVD-2026-9873
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin’s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map,...
CVE-2026-28789
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin’s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map,...
CVE-2026-28789 OliveTin: Unauthenticated DoS via concurrent map writes in OAuth2 state handling
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin’s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map,...
CVE-2026-28789 OliveTin: Unauthenticated DoS via concurrent map writes in OAuth2 state handling
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin’s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map,...
CVE-2026-28789
OliveTin prior to 3000.10.3 is vulnerable to an unauthenticated denial-of-service in the OAuth2 login flow. Concurrent requests to /oauth/login can access a shared registeredStates map unsafely, causing a Go runtime panic (fatal error: concurrent map writes) and terminating the process when OAuth...
Python Library Django 4.2.x < 4.2.29 / 5.2.x < 5.2.12 / 6.0.x < 6.0.3 Race Condition
The detected version of the Django Python package, is 4.2.x prior to 4.2.29, 5.2.x prior to 5.2.12, or 6.0.x prior to 6.0.3. It is, therefore, affected by a race condition vulnerability as referenced by security release advisory: - An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, a...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005660)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005660 advisory. In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix a refcount bug in qrtrrecvmsg Syzbot reported a bug as following: refcountt:...
CVE-2025-47376
Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls...
CVE-2025-47379
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources...
CVE-2025-47386
Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs...