CVE-2025-38524

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recv-recv race of completed call If a call receives an event such as incoming data, the call gets placed on the socket's queue and a thread in recvmsg can be awakened to go and process it. Once the thread has picked up...

Security Bulletin: IBM QRadar Data Synchronization app for IBM QRadar SIEM includes components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Data Synchronization app for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of...

Linux Distros Unpatched Vulnerability : CVE-2024-37078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix potential kernel bug due to lack of writeback flag waiting Destructive writes to a block device on which nilfs2 is mounted can cause a kernel bug in...

Linux Distros Unpatched Vulnerability : CVE-2024-35910

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled...

Linux Distros Unpatched Vulnerability : CVE-2024-58087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue from session lookup and expire Increment the session reference count...

Linux Distros Unpatched Vulnerability : CVE-2024-40986

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix data synchronisation in xdmachannelisr Requests the vchan lock...

CVE-2025-22853

Improper synchronization in the firmware for some IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-49751

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network...

CVE-2025-49762

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2025-53135

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows DirectX allows an authorized attacker to elevate privileges locally...

kernel: padata: fix UAF in padata_reorder

A use-after-free vulnerability was found in the Linux kernel's padata subsystem, in the padatareorder function. Caused by improper synchronization controls, this vulnerability can occur when a reference-counted data structure pd is decremented in one thread, freeing it, while another thread still...

kernel: padata: fix UAF in padata_reorder

A use-after-free vulnerability was found in the Linux kernel's padata subsystem, in the padatareorder function. Caused by improper synchronization controls, this vulnerability can occur when a reference-counted data structure pd is decremented in one thread, freeing it, while another thread still...

CVE-2025-50167

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

CVE-2025-50167

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

CVE-2025-49762

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2025-49751

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network...

CVE-2025-49751

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network...

CVE-2025-49751

CVE-2025-49751 is a Windows Hyper-V denial-of-service vulnerability caused by missing synchronization. An authenticated, low-privilege attacker on an adjacent network could trigger the condition and deny service. Public details indicate the issue affects Hyper-V; Microsoft released fixes as part ...

CVE-2025-22853

Intel TDX firmware contains an improper synchronization issue that can allow a privileged user with local access to escalate privileges (CVE-2025-22853). The issue is documented in the Intel advisory INTEL-SA-01312 and is associated with Intel(R) TDX firmware and related processors. According to ...

CVE-2025-22853

Improper synchronization in the firmware for some IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...