Lucene search

3907 matches found

SUSE CVE
added 2023/02/15 6:7 a.m. · 2 views

SUSE CVE-2008-3271

Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a...

4.3 CVSS · 6.7 AI score · 0.04807 EPSS
Exploits 2 · References 4
SUSE CVE
added 2023/02/15 5:34 a.m. · 2 views

SUSE CVE-2013-6368

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address...

6.2 CVSS · 6.6 AI score · 0.00613 EPSS
Exploits 2 · References 12
SUSE CVE
added 2023/02/15 5:29 a.m. · 2 views

SUSE CVE-2014-3177

Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176...

10 CVSS · 9.7 AI score · 0.03883 EPSS
Exploits 0 · References 4
SUSE CVE
added 2023/02/15 5:23 a.m. · 3 views

SUSE CVE-2015-0244

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an...

9.8 CVSS · 8 AI score · 0.04193 EPSS
Exploits 0 · References 5
SUSE CVE
added 2023/02/15 5:21 a.m. · 3 views

SUSE CVE-2015-1799

The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the...

4.3 CVSS · 6.3 AI score · 0.00902 EPSS
Exploits 0 · References 14
SUSE CVE
added 2023/02/15 4:58 a.m. · 3 views

SUSE CVE-2016-7433

NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to have unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...

5.3 CVSS · 9.3 AI score · 0.09762 EPSS
Exploits 0 · References 9
SUSE CVE
added 2023/02/15 4:49 a.m. · 4 views

SUSE CVE-2017-5972

The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many TCP SYN packets, as demonstrated by an attack against the...

7.8 CVSS · 6.6 AI score · 0.2389 EPSS
Exploits 3 · References 3
SUSE CVE
added 2023/02/15 4:28 a.m. · 2 views

SUSE CVE-2018-8956

ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allows remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that...

3.7 CVSS · 7 AI score · 0.03079 EPSS
Exploits 0 · References 8
SUSE CVE
added 2023/02/15 4:20 a.m. · 2 views

SUSE CVE-2018-25008

In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can lead to memory safety issues through race conditions...

5.9 CVSS · 7.3 AI score · 0.01054 EPSS
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 4:6 a.m. · 2 views

SUSE CVE-2019-19064

A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. NOTE: third parties dispute the relevance of this because a...

1.6 CVSS · 7.5 AI score · 0.03208 EPSS
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 3:50 a.m. · 1 views

SUSE CVE-2021-0606

In drm_syncobj_handle_to_fd of drm_syncobj.c, there is a possible use after free due to incorrect refcounting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID:...

6.7 CVSS · 6.7 AI score · 0.00156 EPSS
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 3:44 a.m. · 3 views

SUSE CVE-2021-28690

x86: TSX Async Abort protections not restored after S3. This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires selecting a...

5.6 CVSS · 6.7 AI score · 0.01019 EPSS
Exploits 0 · References 22
SUSE CVE
added 2023/02/15 3:32 a.m. · 2 views

SUSE CVE-2022-2850

A flaw was found in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...

6.5 CVSS · 6.3 AI score · 0.01238 EPSS
Exploits 1 · References 6
Positive Technologies
added 2023/02/14 12:0 a.m. · 5 views

PT-2023-2508 · Avg +1 · Avg Antivirus +1

Name of the Vulnerable Software and Affected Versions: Avast Antivirus versions prior to 22.11; AVG Antivirus versions prior to 22.11. Description: The issue is related to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, which can lead to arbitrary file or directory...

6.5 CVSS · 6.2 AI score · 0.00167 EPSS
Exploits 0 · References 7
CNNVD
added 2023/02/13 12:0 a.m. · 3 views

Nextcloud security vulnerability

Nextcloud is an open source, self-hosted file synchronization, sharing and communication platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server that stems from the ability to preview without a watermark...

5.3 CVSS · 5.6 AI score · 0.00455 EPSS
Exploits 0 · References 5
NVD
added 2023/02/08 5:15 a.m. · 49 views

CVE-2023-0739

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHub repository answerdev/answer prior to 1.0.4...

8.1 CVSS · 7 AI score · 0.0069 EPSS
Exploits 1 · References 2
Prion
added 2023/02/08 5:15 a.m. · 16 views

Race condition

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHub repository answerdev/answer prior to 1.0.4...

5.5 CVSS · 6.7 AI score · 0.0069 EPSS
Exploits 1 · References 2 · Affected Software 1
Vulnrichment
added 2023/02/08 12:0 a.m. · 6 views

CVE-2023-0739 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in answerdev/answer

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHub repository answerdev/answer prior to 1.0.4...

8.1 CVSS · 7.3 AI score · 0.0069 EPSS
Exploits 1 · References 2
BDU FSTEC
added 2023/02/08 12:0 a.m. · 3 views

A vulnerability in the Deno execution environment for JavaScript and TypeScript, related to synchronization errors when using a shared resource, allows an attacker to execute arbitrary code.

The vulnerability in the Deno execution environment for JavaScript and TypeScript is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

10 CVSS · 7.7 AI score · 0.00601 EPSS
Exploits 1 · References 4 · Affected Software 1
Cvelist
added 2023/02/08 12:0 a.m. · 46 views

CVE-2023-0739 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in answerdev/answer

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHub repository answerdev/answer prior to 1.0.4...

8.1 CVSS · 6.9 AI score · 0.0069 EPSS
Exploits 1 · References 2