PT-2022-4165 · Xen +5 · Xen +5

Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is caused by synchronization errors when using shared resources in components of the Xen hypervisor, including blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, a...

PT-2022-4540 · Unknown +5 · Xen Hypervisor +5

Name of the Vulnerable Software and Affected Versions: Xen hypervisor affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the blkfront driver of the Xen hypervisor. Exploitation of this issue may allow an attacker to cause a...

PT-2022-4539 · Xen +5 · Xen +5

Name of the Vulnerable Software and Affected Versions: Xen hypervisor affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the scsifront driver of the Xen hypervisor. Exploitation of this issue may allow an attacker to cause a...

PT-2022-1867 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource in the Advanced Local Procedure Call ALPC handler of the Microsoft Windows operating system. This can allow an...

PT-2022-1873 · Microsoft · Windows Hyper-V +1

Name of the Vulnerable Software and Affected Versions: Windows Hyper-V affected versions not specified Description: The issue is related to synchronization errors when using a shared resource in the Windows Hyper-V hardware virtualization system. This can be exploited to cause a denial of service...

PT-2022-1836 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource in the Advanced Local Procedure Call ALPC handler of Windows operating systems. This can allow an attacker to...

PT-2022-1973 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to the use of a shared resource with incorrect synchronization in the Windows Update Stack component of the Microsoft Windows operating system. This can allow...

PT-2022-4166 · Xen +5 · Xen +5

Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the xenbus component of the Xen hypervisor. Exploitation of this issue may allow an attacker to cause a denial of...

PT-2022-4330 · Unknown +5 · Xen Hypervisor +5

Name of the Vulnerable Software and Affected Versions: Xen hypervisor affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the gntalloc driver of the Xen hypervisor. Exploitation of this issue may allow an attacker to cause a...

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. A security vulnerability exists in a number of Qualcomm products...

CVE-2022-23232

StorageGRID formerly StorageGRID Webscale versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access. StorageGRID 11.6.0 obtains the user accoun...

Review your security vulnerabilities in GitHub with code scanning alerts

Today, for GitHub repositories, our SAST analysis provides fast, precise security feedback directly inside your pull requests. You instantly know how many vulnerabilities are detected and, until now, you would systematically go to SonarCloud to start investigating. Not anymore. From this point...

PT-2022-7490 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to a race condition in the configfs component of the Linux kernel. When configfs register subsystem or configfs unregister subsystem is executing link grou...

The vulnerability in the Watchdog application for Google Chrome and Microsoft Edge browsers allows a hacker to execute arbitrary code.

The vulnerability of the Watchdog application for Google Chrome and Microsoft Edge relates to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Improper Synchronization in Jenkins Convertigo Mobile Platform Plugin

Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured...

CVE-2022-23639

The CVE-2022-23639 issue affects crossbeam-utils prior to 0.8.7, where alignment of {i,u}64 was assumed to match Atomic{I,U}64. On some 32-bit targets, {i,u}64 alignment can be smaller than Atomic{I,U}64, leading to unaligned memory accesses and data races when using fetch_* with AtomicCell. 32-b...

CVE-2022-23639 Improper Restriction of Operations within the Bounds of a Memory Buffer and Race Condition in crossbeam-utils

crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...

CVE-2022-23639

crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...

CVE-2022-23639 Improper Restriction of Operations within the Bounds of a Memory Buffer and Race Condition in crossbeam-utils

crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...

GHSA-PPC3-FPVH-7396 Improper synchronization in Apache Netbeans HTML/Java API

There exists a race condition between the deletion of the temporary file and the creation of the temporary directory in webkit subproject of HTML/Java API version 1.7. A similar vulnerability has recently been disclosed in other Java projects and the fix in HTML/Java API version 1.7.1 follows...