The vulnerability of the fiemap_process_hole() function in the fs/btrfs/extent_io.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the fiemapprocesshole function in the fs/btrfs/extentio.c module of the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

Incorrect Synchronization

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Incorrect Synchronization due to improper access control mechanisms. An attacker can view and delete any files by directly calling specific API endpoints without needing administrative privileges. This is onl...

The vulnerability of the freeep_fback() function in the drivers/usb/gadget/function/u_audio.c module of the Linux kernel driver allows a hacker to cause a service failure.

The vulnerability of the freeepfback function in the drivers/usb/gadget/function/uaudio.c file of the Linux kernel’s USB driver is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

Synology Drive Server SQL注入漏洞

Synology Drive Server is a collaborative office suite from China-based Synology. The product includes document management, collaborative office and file synchronization and backup features. A SQL injection vulnerability exists in Synology Drive Server versions prior to 3.0.4-12699, prior to...

The vulnerability of the at8031_parse_dt() function in the drivers/net/phy/at803x.c module of the Linux physical layer network support driver allows a attacker to cause a service failure.

The vulnerability of the at8031parsedt function in the drivers/net/phy/at803x.c module of the Linux PHY driver for the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the notify_handler() function in the drivers/platform/x86/intel/vbtn.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the notifyhandler function in the drivers/platform/x86/intel/vbtn.c module of the Linux kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

RLSA-2025:0324 Important: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

[SECURITY] Fedora 42 Update: nextcloud-31.0.0-1.fc42

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

Citrix Virtual Apps and Desktops 2402 CU2 expired certificate

Citrix Virtual Apps and Desktops CVAD 2402 LTSR Cumulative Update 2 CU2 2402.0.2100 contains installers and binaries signed with a now-expired code signing certificate. File signatures are considered valid if either: A timestamp was included at the time of signing, or The certificate used for...

Siemens SCALANCE X-200RNA Switch Devices Concurrent Execution using Shared Resource with Improper Synchronization (CVE-2015-3196)

ssl/s3clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service race condition and double free via a crafted...

UBUNTU-CVE-2024-58087

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue from session lookup and expire Increment the session reference count within the lock for lookup to avoid racy issue with session expire...

The vulnerability of the idpf_probe() function in the Intel network adapter drivers (drivers/net/ethernet/intel/idpf/idpf_main.c) in Linux kernel allows a hacker to induce a service failure.

The vulnerability of the idpfprobe function in Intel network adapter drivers drivers/net/ethernet/intel/idpf/idpfmain.c in Linux operating systems is related to synchronization errors when using shared resources “Race Conditions”. Exploiting this vulnerability can allow an attacker to cause servi...

Moderate: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

ALSA-2025:2600 Moderate: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfdstate in sync with MSRIA32XFD The Linux kernel CVE team has assigned CVE-2024-35801 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35801-8038@gregkh/T...

QNAP Systems HBS 3 Hybrid Backup Sync 安全漏洞

QNAP Systems HBS 3 Hybrid Backup Sync is a data management tool that integrates backup, restore and synchronization functions on Weilian's NAS devices, supporting local, remote and cloud storage backups and providing an efficient data protection solution. A buffer overflow vulnerability exists in...

The vulnerability of the Intel Battery Life Diagnostic Tool, related to synchronization errors when using general resources, allows a hacker to exploit their privileges.

The vulnerability of the Intel Battery Life Diagnostic Tool relates to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain increased privileges...

CVE-2024-43062

Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization...

CVE-2024-49836

Memory corruption may occur during the synchronization of the cameras frame processing pipeline...

kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets

In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdownSENDSHUTDOWN for TCPSYNRECV sockets TCPSYNRECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash 1, syzbot managed to trigger a divide by zero in...