The vulnerability of the Team Chat component in Zoom’s video conferencing software allows attackers to disclose protected information.

The vulnerability of the Team Chat component in Zoom’s video conferencing software is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker who operates remotely to disclose sensitive information...

The vulnerability of Zoom’s video conferencing software, related to synchronization errors when using shared resources (“Race Situation”), allows attackers to escalate their privileges.

The vulnerability of Zoom’s video conferencing software is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability of the GPU driver for Mali-based processors, based on Arm, Bifrost, and Valhall architectures, allows a hacker to execute arbitrary code.

The vulnerability of the GPU driver for Mali-based processors based on Arm, Bifrost, and Valhall is related to synchronization errors when using shared resources. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the Packet Forwarding Engine (PFE) mechanism in Juniper Networks’ Junos OS operating system allows a attacker to cause a service failure. This vulnerability affects devices in the ACX5448 and ACX710 series.

The vulnerability of the Packet Forwarding Engine PFE mechanism in Juniper Networks’ Junos OS on ACX5448 and ACX710 series devices is related to synchronization errors. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the QlikView analytical platform, related to synchronization errors when using a common resource, allows a perpetrator to execute arbitrary code.

The vulnerability of the QlikView analytical platform is related to synchronization errors when using a common resource. Exploiting this vulnerability can allow an attacker to execute arbitrary code within the context of the Windows administrator...

CVE-2024-38806

Failure to properly synchronize user's permissions in UAA in Cloud Foundry Foundation v40.17.0 https://github.com/cloudfoundry/cf-deployment/releases/tag/v40.17.0 , potentially resulting in users retaining access rights they should not have. This can allow them to perform operations beyond their...

CVE-2024-38806 UAA Failure to Remove Shadow User’s Access

Failure to properly synchronize user's permissions in UAA in Cloud Foundry Foundation v40.17.0 https://github.com/cloudfoundry/cf-deployment/releases/tag/v40.17.0 , potentially resulting in users retaining access rights they should not have. This can allow them to perform operations beyond their...

Time-of-check Time-of-use (TOCTOU) Race Condition

Apache streampipes is vulnerable to Time-of-check Time-of-use TOCTOU Race Condition. The vulnerability arises from insufficient synchronization during user registration, allowing multiple simultaneous requests to check and register a user using the same email address. Attackers exploit this by...

SUSE CVE-2022-48830

In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotprcv When receiving a CAN frame the current code logic does not consider concurrently receiving processes which do not show up in real world usage. Ziyang Xuan writes: The...

PT-2024-28228 · Cloud Foundry Foundation · Cloud Foundry

Name of the Vulnerable Software and Affected Versions: Cloud Foundry Foundation version v40.17.0 Description: The issue is related to a failure in properly synchronizing a user's permissions in the User Account and Authentication UAA system. This potentially results in users retaining access righ...

CVE-2022-48838 usb: gadget: Fix use-after-free bug by not setting udc->dev.driver

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: Fix use-after-free bug by not setting udc-dev.driver The syzbot fuzzer found a use-after-free bug: BUG: KASAN: use-after-free in devuevent+0x712/0x780 drivers/base/core.c:2320 Read of size 8 at addr ffff88802b934098 ...

CVE-2022-48838 usb: gadget: Fix use-after-free bug by not setting udc->dev.driver

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: Fix use-after-free bug by not setting udc-dev.driver The syzbot fuzzer found a use-after-free bug: BUG: KASAN: use-after-free in devuevent+0x712/0x780 drivers/base/core.c:2320 Read of size 8 at addr ffff88802b934098 ...

SUSE CVE-2024-38528

nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such ...

SUSE CVE-2024-40986

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix data synchronisation in xdmachannelisr Requests the vchan lock before using xdma-stoprequest...

Citrix Endpoint Management: Active Directory Issues

Introduction Active Directory AD integration issues in XenMobile can range from synchronization errors to authentication failures and configuration complications. This series of articles offers troubleshooting guidance and best practices to address these challenges, ensuring smooth operation and...

Error: "An error occurred during synchronization" in StoreFront

When trying to synchronize changes on a StoreFront multi-server environment, the following errors are displayed: Error: “An error occurred during synchronization” You might also view errors in the StoreFront Server Console Server Group. Error: “Cannot get valid synchronization state information...

Unable to Remove Decommissioned Server from StoreFront

Unable to remove decommissioned server from StoreFront deployment using StoreFront GUI and Remove Server action. The console is stuck and the following error appears: “Cannot Remove Server” In this case, in the StoreFront console you might see the following warning message: In addition, the...

Provisioning Services Time Synchronization Requirements

The Provisioning Services StreamProcess becomes unresponsive when a time change occurs on the Provisioning Services Server...

DEBIAN-CVE-2024-40986

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix data synchronisation in xdmachannelisr Requests the vchan lock before using xdma-stoprequest...

CVE-2024-39501

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...