CVE-2026-5774 Juju API Server Denial of Service and Authentication Replay via Unsynchronized Token Map

Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use discharge token...

EUVD-2025-27305

Malicious code in bioql PyPI...

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

Design/Logic Flaw

An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives due to a missing synchronization flaw, which impacts data availability and integrity. This issue...

CVE-2023-45084 Media caddy removal and reinsertion without reboot may cause data loss

An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives due to a missing synchronization flaw, which impacts data availability and integrity. This issue...

CVE-2023-45084

SoftIron HyperCloud CVE-2023-45084 affects density storage nodes running HyperCloud 1.0–pre-2.0.3. A missing synchronization flaw allows removing and reinserting a drive caddy without reboot to cause the system to treat the caddy as new media, wiping all data on the drives. Impact: data availabil...

CVE-2023-45084 Media caddy removal and reinsertion without reboot may cause data loss

An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives due to a missing synchronization flaw, which impacts data availability and integrity. This issue...

kernel: Linux kernel KVM: Denial of Service due to incorrect kvm_arm_init failure handling in finalize_pkvm

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for arm64 architectures. This vulnerability arises from a lack of synchronization between the finalizepkvm and kvmarminit initialization calls. A local attacker with low privileges could exploit this by triggering a scenario...

PT-2022-5375 · Apache +2 · Apache Tomcat +2

Name of the Vulnerable Software and Affected Versions: Apache Tomcat affected versions not specified Pandora FMS version 7.65 Description: The issue concerns errors in synchronization when using a shared resource in Apache Tomcat, potentially allowing a remote attacker to gain unauthorized access...

PT-2022-1970 · Microsoft · Tablet Windows User Interface Application +1

Name of the Vulnerable Software and Affected Versions: Tablet Windows User Interface Application affected versions not specified Description: The issue is related to the use of a shared resource with incorrect synchronization in the Tablet Windows User Interface Application component of the...

Design/Logic Flaw

Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010 and GT23 model communication driver versions 01.19.000 through 01.39.010 and GT SoftGOT2000 versions...

DEBIAN-CVE-2018-25008

In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::getmut method. This synchronization issue can be lead to memory safety issues through race conditions...

Design/Logic Flaw

ircu 2.10.12.05 and earlier does not properly synchronize a kick action in certain cross scenarios, which allows remote authenticated operators to prevent later kick or de-op actions from non-local ops...

DEBIAN-CVE-2007-4410

ircu 2.10.12.05 and earlier does not properly synchronize a kick action in certain cross scenarios, which allows remote authenticated operators to prevent later kick or de-op actions from non-local ops...