3907 matches found

BDU FSTEC
added 2024/02/20 12:0 a.m., 5 views

The vulnerability of the Windows Message Queuing system, which allows a hacker to escalate their privileges

The vulnerability of Windows’ Message Queuing system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to gain increased privileges...

CVSS 7 | AI score 7.2 | EPSS 0.00322
Exploits 0 | References 3

BDU FSTEC
added 2024/02/19 12:0 a.m., 5 views

The vulnerability of the Windows operating system’s kernel, which allows a hacker to increase their privileges

The vulnerability of the Windows operating system’s kernel is related to synchronization errors when using a shared resource ("Race Conditions"). Exploiting this vulnerability can allow an attacker to increase their privileges...

CVSS 7 | AI score 7.4 | EPSS 0.10884
Exploits 0 | References 3

Vulnrichment
added 2024/02/17 12:0 a.m., 13 views

CVE-2024-25468

An issue in TOTOLINK X5000R V.9.1.0u.6369B20230113 allows a remote attacker to cause a denial of service via the hosttime parameter of the NTPSyncWithHost component...

AI score 6.9 | EPSS 0.00927
Exploits 1 | References 1

OSV
added 2024/02/15 3:15 a.m., 1 view

CVE-2024-26260

The synchronization functionality in certain HGiga OAKlouds modules has an OS Command Injection vulnerability, allowing remote attackers to inject system commands within specific request parameters. This enables the execution of arbitrary code on the remote server without permission...

CVSS 9.8 | AI score 6.1 | EPSS 0.01603
Exploits 0 | References 2

NVD
added 2024/02/15 3:15 a.m., 11 views

CVE-2024-26260

The synchronization functionality in certain HGiga OAKlouds modules has an OS Command Injection vulnerability, allowing remote attackers to inject system commands within specific request parameters. This enables the execution of arbitrary code on the remote server without permission...

CVSS 9.8 | AI score 10 | EPSS 0.01603
Exploits 0 | References 2

Vulnrichment
added 2024/02/15 2:18 a.m., 26 views

CVE-2024-26260 Hgiga OAKlouds - Command Injection

The synchronization functionality in certain HGiga OAKlouds modules has an OS Command Injection vulnerability, allowing remote attackers to inject system commands within specific request parameters. This enables the execution of arbitrary code on the remote server without permission...

CVSS 9.8 | AI score 8.2 | EPSS 0.01603
Exploits 0 | References 2

Cvelist
added 2024/02/15 2:18 a.m., 21 views

CVE-2024-26260 Hgiga OAKlouds - Command Injection

The synchronization functionality in certain HGiga OAKlouds modules has an OS Command Injection vulnerability, allowing remote attackers to inject system commands within specific request parameters. This enables the execution of arbitrary code on the remote server without permission...

CVSS 9.8 | AI score 10 | EPSS 0.01603
Exploits 0 | References 2

CVE
added 2024/02/15 2:18 a.m., 76 views

CVE-2024-26260

HGiga OAKlouds is affected by an OS command injection in the synchronization function of certain modules, enabling remote command execution via specific request parameters. Root cause is input/sanitization in those parameters leading to arbitrary code execution on the server; CVSS v3.1 base score...

CVSS 9.8 | AI score 10 | EPSS 0.01603
Exploits 0 | References 2 | Affected Software 4

OSV
added 2024/02/14 5:15 p.m., 3 views

CVE-2024-22389

When BIG-IP is deployed in high availability (HA) and an iControl REST API token is updated, the change does not sync to the peer device. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 7.2 | AI score 5.8 | EPSS 0.00497
Exploits 0 | References 1

CNNVD
added 2024/02/14 12:0 a.m., 3 views

F5 BIG-IP Security Vulnerabilities

F5 BIG-IP is an application delivery platform from F5 Corporation that integrates network traffic management, application security management, and load balancing. A security vulnerability exists in the F5 BIG-IP that originates when the BIG-IP is deployed with High Availability (HA) and an iControl...

CVSS 7.2 | AI score 6.8 | EPSS 0.00497
Exploits 0 | References 3

Oracle Linux
added 2024/02/13 12:0 a.m., 392 views

Unbreakable Enterprise kernel security update

5.15.0-203.146.5.1 - Revert 'selftests/bpf: Test tail call counting with bpf2bpf and data on stack' Samasth Norway Ananda Orabug: 36277693 - Revert 'tcp: fix excessive TLP and RACK timeouts from HZ rounding' Sherry Yang Orabug: 36277684 5.15.0-203.146.5 - i2c: core: Fix atomic xfer check for...

CVSS 9.8 | AI score 7.4 | EPSS 0.00986
Exploits 1

BDU FSTEC
added 2024/02/07 12:0 a.m., 2 views

The vulnerability of the BuildKit container-building software relates to synchronization errors when using a shared resource. This “race condition” allows a malicious actor to gain unauthorized access to container files on the host system.

The vulnerability of the BuildKit container-building software is related to synchronization errors when using a shared resource. This “race condition” allows a malicious actor to gain unauthorized access to container files on the host system...

CVSS 8.7 | AI score 6.8 | EPSS 0.00791
Exploits 0 | References 5 | Affected Software 1

Prion
added 2024/02/06 10:16 p.m., 17 views

Race condition

PX4 Autopilot 1.14 and earlier, due to the lack of synchronization mechanism for loading geofence data, has a Race Condition vulnerability in the geofence.cpp and missionfeasibilitychecker.cpp. This will result in the drone uploading overlapping geofences and mission routes...

CVSS 3.6 | AI score 7.1 | EPSS 0.0036
Exploits 1 | References 2 | Affected Software 1

CNNVD
added 2024/02/06 12:0 a.m., 4 views

PX4 Drone Autopilot Security Vulnerability

PX4 Drone Autopilot is an open-source autopilot for drones. A security vulnerability exists in PX4 Drone Autopilot version 1.14 and earlier versions that stems from a lack of a synchronization mechanism for loading geofencing data...

CVSS 4.2 | AI score 6.7 | EPSS 0.0036
Exploits 1 | References 3

BDU FSTEC
added 2024/02/06 12:0 a.m., 4 views

The vulnerability of the Software Update component in the macOS operating system allows a hacker to elevate their privileges to root level.

The vulnerability of the Software Update component in the macOS operating system arises from the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...

CVSS 7 | AI score 7.3 | EPSS 0.00149
Exploits 0 | References 4 | Affected Software 1

BDU FSTEC
added 2024/02/02 12:0 a.m., 2 views

The vulnerability of the DevmemIntAcquireRemoteCtx() function in the PowerVR GPU driver for Android and ChromeOS allows a hacker to execute arbitrary code and gain elevated privileges.

The vulnerability of the DevmemIntAcquireRemoteCtx function in the PowerVR GPU driver for Android and ChromeOS systems is related to synchronization errors when using shared resources. Exploiting this vulnerability allows an attacker to execute arbitrary code and gain elevated privileges...

CVSS 7.8 | AI score 8.2 | EPSS 0.00414
Exploits 0 | References 4 | Affected Software 1

IBM Security Bulletins
added 2024/01/26 9:59 p.m., 27 views

Security Bulletin: IBM Storage Ceph is vulnerable to Improper Synchronization in Grafana (CVE-2023-2801)

Summary: Grafana is used by IBM Storage Ceph as a monitoring dashboard. CVE-2023-2801. This bulletin identifies the steps to take to address the vulnerability in Grafana. Vulnerability Details: CVEID: CVE-2023-2801. DESCRIPTION: Grafana is vulnerable to a denial of service, caused by a proxy race...

CVSS 7.5 | AI score 6.1 | EPSS 0.00745
Exploits 0 | Affected Software 1

Packet Storm
added 2024/01/26 12:0 a.m., 336 views

Vinchin Backup And Recovery 7.2 syncNtpTime Command Injection

CVE ID: CVE-2024-22899 Title: Command Injection Vulnerability in Vinchin Backup and Recovery's syncNtpTime Function in Versions 7.2 and Earlier Description: A critical security vulnerability, identified as CVE-2024-22899, has been discovered in the syncNtpTime function of Vinchin Backup and...

AI score 7.4 | EPSS 0.02369
Exploits 4

RedhatCVE
added 2024/01/24 4:33 p.m., 39 views

CVE-2023-51042

A use-after-free flaw was found in the Linux kernel's AMD GPU driver which may allow access to members of a synchronization structure after the structure is freed. This issue could allow a local user to crash the system or to access confidential system memory. Mitigation To mitigate this issue,...

CVSS 7.8 | AI score 7.2 | EPSS 0.00321
Exploits 0 | References 4

BDU FSTEC
added 2024/01/24 12:0 a.m., 3 views

The vulnerability of the Windows Hyper-V hardware virtualization system allows a perpetrator to execute arbitrary code.

The vulnerability of the Windows Hyper-V hardware virtualization system is related to synchronization errors when using shared resources. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 7.5 | AI score 8 | EPSS 0.0395
Exploits 0 | References 2