708 matches found
CVE-2026-42991
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
CVE-2026-42912
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Telephony Service allows an authorized attacker to elevate privileges locally...
ROS-20260610-73-0045
The vulnerability of the createirpthread function in the RDP client of FreeRDP is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...
ROS-20260610-73-0046
The vulnerability of the createirpthread function in the RDP client of FreeRDP is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...
ROS-20260610-73-0036
The vulnerability of the SDL3 RDP client for FreeRDP is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to compromise the accessibility of protected information...
ROS-20260610-73-0035
The vulnerability of the SDL3 RDP client for FreeRDP is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to compromise the accessibility of protected information...
EUVD-2026-35741
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
EUVD-2026-35740
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
EUVD-2026-35739
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
EUVD-2026-35738
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
CVE-2026-42977
CVE-2026-42977 describes a race condition in Windows Push Notifications caused by improper synchronization of a shared resource. This vulnerability enables an authorized, local attacker to elevate privileges. The CVSS 3.1 base score is 7.8 (HIGH) with Local attack vector, high complexity, and req...
EUVD-2026-35590
Concurrent execution using shared resource with improper synchronization 'race condition' in Function Discovery Service fdwsd.dll allows an authorized attacker to elevate privileges locally...
EUVD-2026-35555
Concurrent execution using shared resource with improper synchronization 'race condition' in UI Automation Manager uiamanager.dll allows an authorized attacker to elevate privileges locally...
Windows Push Notifications Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
PT-2026-47986
Name of the Vulnerable Software and Affected Versions UI Automation Manager affected versions not specified Description A race condition occurs in the UI Automation Manager uiamanager.dll due to concurrent execution using a shared resource with improper synchronization. This allows an authorized...
PT-2026-47914
Name of the Vulnerable Software and Affected Versions Windows Push Notifications affected versions not specified Description A race condition occurs in Windows Push Notifications due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileges...
ROS-20260609-73-0005
The vulnerability of the PackageKit package manager is related to synchronization errors when using a shared resource “Race Condition”. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the system with root privileges...
PT-2026-47904
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
PT-2026-47905
Name of the Vulnerable Software and Affected Versions Windows Push Notifications affected versions not specified Description A race condition occurs in Windows Push Notifications due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileges...
Direct Request ('Forced Browsing')
Overview org.springframework:spring-webmvc is a package that provides Model-View-Controller MVC architecture and ready components that can be used to develop flexible and loosely coupled web applications. Affected versions of this package are vulnerable to Direct Request 'Forced Browsing' via...