USN-5231-1 389-ds-base vulnerabilities

It was discovered that 389 Directory Server presented to users, during authentication, an error message which could be used to discover if a certain LDAP DN existed or not. A remote unauthenticated attacker could possibly use this to check the existence of an entry in a LDAP database and expose...

Samsung score drive competition condition loophole

Samsung score drive is a driver for Samsung mobile devices. samsung score drive is vulnerable to a contention condition. The vulnerability stems from the lack of proper synchronization points and can be exploited by attackers to perform malicious operations...

PT-2022-4075 · Microsoft · Windows Connected Devices Platform Service +1

Name of the Vulnerable Software and Affected Versions: Windows Connected Devices Platform Service CDPSvc affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the Connected Devices Platform Service CDPSvc of Windows operating...

PT-2022-3864 · Microsoft · Windows Dns Server +1

Name of the Vulnerable Software and Affected Versions: Windows DNS Server affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the Windows DNS Server component. This allows a remote attacker to execute arbitrary code on the...

SAMSUNG Mobile devices score driver 安全漏洞

Samsung score drive is a driver for Samsung mobile devices. samsung score drive is vulnerable to a contention condition. The vulnerability stems from the lack of proper synchronization points and can be exploited by attackers to perform malicious operations...

Google Android 竞争条件问题漏洞

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which originates from concurrent execution of shared resources in the TEEI driver using incorrect synchronization contention condition. MT6879, MT6885, MT6893, MT6895,...

The vulnerability of Xen hypervisors arises from synchronization errors when using shared resources, allowing a perpetrator to execute arbitrary code.

The vulnerability of Xen hypervisors is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Fedora: Security Advisory for syncthing (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: syncthing-1.20.2-2.fc36

Syncthing replaces other file synchronization services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party and how it's transmitted over the Internet. Using syncthing, that control is...

The vulnerability of the `load_elf_binary()` function in the Linux operating system’s kernel allows a hacker to bypass the ASLR protection and expose the protected information.

The vulnerability of the loadelfbinary function in the Linux operating system’s kernel arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to bypass the ASLR protection mechanism and disclose the protected information...

Microsoft Edge’s vulnerability, related to synchronization errors when using a shared resource, allows attackers to escalate their privileges.

The vulnerability of Microsoft Edge relates to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the Windows Ancillary Function Driver for WinSock in Windows operating systems allows a hacker to increase their privileges.

The vulnerability of the Windows Ancillary Function Driver for WinSock in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the xbstream_open function in the MariaDB database management system allows a hacker to cause a service failure.

The vulnerability of the xbstreamopen function extra/mariabackup/dsxbstream.cc in the MariaDB database management system is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the Hyper-V hardware virtualization system for Microsoft Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Hyper-V hardware virtualization technology for Microsoft Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

PT-2022-3265 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based Description: The issue is related to synchronization errors when using a shared resource, which can allow an attacker to elevate their privileges. Recommendations: At the moment, there is no information about a...

The vulnerability of microprogrammed solid-state storage devices from Intel(R) Optane, Intel(R) Optane(TM) DC, and Intel(R) DC, related to the simultaneous execution using a shared resource with incorrect synchronization, allows attackers to cause service failures.

The vulnerability of microprogrammed solid-state storage devices from IntelR Optane, IntelR OptaneTM DC, and IntelR DC involves the simultaneous execution of operations using shared resources with improper synchronization. Exploiting this vulnerability can allow attackers to cause service failure...

The vulnerability of the Yandex Browser for Android, related to synchronization errors when using a common resource, allows a hacker to execute arbitrary code.

The vulnerability of the Yandex Browser for Android is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the form synchronization mechanism of the Yandex Browser allows a hacker to perform a CSRF attack.

The vulnerability of the Yandex Browser’s form synchronization mechanism is related to the falsification of cross-site requests. Exploiting this vulnerability allows a remote attacker to execute a CSRF attack...

The vulnerability of the DNS Server component of the Windows operating system, which allows a hacker to execute arbitrary code.

The vulnerability of the DNS Server component of the Windows operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Advanced Local Procedure Call (ALPC) handler in the Windows operating system allows attackers to escalate their privileges.

The vulnerability of the Advanced Local Procedure Call ALPC in the Windows operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to gain increased privileges...