MiracleLinux 4 : cvs-1.11.23-11.1.0.1.AXS4 (AXSA:2012-238:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-238:01 advisory. CVS Concurrent Versions System is a version control system that can record the history of your files usually, but not always, source code. CVS only stores the...

CVE-2026-20867

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...

CVE-2026-20867

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...

CVE-2026-20853

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows WalletService allows an unauthorized attacker to elevate privileges locally...

CVE-2026-20848

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...

AZL-74445 CVE-2025-68774 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

UBUNTU-CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68774 hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

kernel: smb: client: fix race with concurrent opens in rename(2)

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix race with concurrent opens in rename2 Besides sending the rename request to the server, the rename process also involves closing any deferred close, waiting for outstanding I/O to complete as well as marking all...

kernel: usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths

A use-after-free vulnerability was found in the DWC3 USB controller driver in the Linux kernel. Multiple unsynchronized execution paths can invoke dwc3removerequests concurrently, leading to premature freeing of USB requests. When one path frees requests while another is still processing them, a...

PT-2026-2731

CVE-2026-20926 Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges … https://t.co/V8g8uUheOy...

PT-2026-2706

CVE-2026-20861 Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate pr… https://t.co/7rh4yHRbHT...

PT-2026-2714

Name of the Vulnerable Software and Affected Versions Windows Local Session Manager LSM affected versions not specified Description A flaw exists in Windows Local Session Manager LSM related to concurrent execution using a shared resource with improper synchronization, creating a race condition...

PT-2026-2719

CVE-2026-20874 Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate pr… https://t.co/KTYAuV7eee...

PT-2026-2659

Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description A flaw exists due to concurrent execution using a shared resource with improper synchronization, specifically a race condition within the Printer Association Object. This allows a locally authorized attacker t...

PT-2026-2699

CVE-2026-20853 Concurrent execution using shared resource with improper synchronization 'race condition' in Windows WalletService allows an unauthorized attacker to elevate privil… https://t.co/1I7UilLbTk...

PT-2026-2736

CVE-2026-20934 Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges … https://t.co/zKlEBGeVSJ...