The vulnerability of the Thunderbird email client, related to synchronization errors when using a shared resource, allows a hacker to execute arbitrary code.

The vulnerability of the Thunderbird email client is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

CVE-2025-22251

An improper restriction of communication channel to intended endpoints vulnerability CWE-923 in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to inject unauthorized sessions via crafted FGSP session synchronization...

Fortinet Fortigate Firewall session injection in FGSP (FG-IR-24-287)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-287 advisory. - An improper restriction of communication channel to intended endpoints vulnerability CWE-923 in FortiOS 7.6.0, 7.4.0 throug...

The vulnerability of the `btrfs_truncate inode items()` function in the `fs/btrfs/ctree.h` module of the Linux file system support module allows a attacker to cause a service failure.

The vulnerability of the btrfstruncate inode items function in the fs/btrfs/ctree.h module of the Linux file system support library is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the mptcp_pm_nl_append_new_local_addr() function in the net/mptcp/pm_netlink.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the mptcppmnlAppendNewLocalAddr function in the net/mptcp/pmnetlink.c module of the Linux kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

Grafana < 8.5.26 Multiple Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is earlier than 8.5.26, or earlier than 9.2.19, or earlier than 9.3.15, or earlier than 9.4.12, or 9.5.x earlier than 9.5.3. It is, therefore, affected by multiple vulnerabilities: - A Missing Authorization...

Grafana < 9.2.19 Multiple Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is earlier than 8.5.26, or earlier than 9.2.19, or earlier than 9.3.15, or earlier than 9.4.12, or 9.5.x earlier than 9.5.3. It is, therefore, affected by multiple vulnerabilities: - A Missing Authorization...

Grafana < 9.3.15 Multiple Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is earlier than 8.5.26, or earlier than 9.2.19, or earlier than 9.3.15, or earlier than 9.4.12, or 9.5.x earlier than 9.5.3. It is, therefore, affected by multiple vulnerabilities: - A Missing Authorization...

Grafana 9.5.x < 9.5.3 Multiple Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is earlier than 8.5.26, or earlier than 9.2.19, or earlier than 9.3.15, or earlier than 9.4.12, or 9.5.x earlier than 9.5.3. It is, therefore, affected by multiple vulnerabilities: - A Missing Authorization...

Grafana < 9.4.12 Multiple Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is earlier than 8.5.26, or earlier than 9.2.19, or earlier than 9.3.15, or earlier than 9.4.12, or 9.5.x earlier than 9.5.3. It is, therefore, affected by multiple vulnerabilities: - A Missing Authorization...

Low: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

The vulnerability of the simulation_jalr() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the simulationjalr function in the Linux operating system’s kernel is related to parallel execution using a shared resource with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...

Low: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

ALSA-2025:8395 Low: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

HCL Traveler 代码问题漏洞

HCL Traveler is a software from HCL India. It is used to provide automatic, bi-directional, wireless synchronization between HCL Domino servers and wireless handheld devices. A security vulnerability exists in HCL Traveler that stems from vulnerability to DLL hijacking attacks...

CVE-2025-37995

CVSS note: CVE-2025-37995 is a Linux kernel issue with a local exploit vector and a MEDIUM impact rating. The vulnerability arises in module handling of kobjects: in lookup_or_create_module_kobject(), an internal kobject is created using module_ktype, and a call to kobject_put() on the error path...

The vulnerability of the mdelay() function in the Linux operating system’s kernel allows a hacker to increase their privileges.

The vulnerability of the mdelay function in the Linux operating system’s kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

PT-2025-65: Race Condition in FreeScout

The vulnerability was identified in FreeScout, versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to influence the order of execution in multithreaded code because of improper synchronization, leading to unintended actions. Vulnerability status: Confirmed by vendor Da...

CVE-2024-43397

Apollo is a configuration management system. A vulnerability exists in the synchronization configuration feature that allows users to craft specific requests to bypass permission checks. This exploit enables them to modify a namespace without the necessary permissions. The issue was addressed wit...

CVE-2024-52067

Apache NiFi 1.16.0 through 1.28.0 and 2.0.0-M1 through 2.0.0-M4 include optional debug logging of Parameter Context values during the flow synchronization process. An authorized administrator with access to change logging levels could enable debug logging for framework flow synchronization, causi...