Improper synchronization in Apache Netbeans HTML/Java API

There exists a race condition between the deletion of the temporary file and the creation of the temporary directory in webkit subproject of HTML/Java API version 1.7. A similar vulnerability has recently been disclosed in other Java projects and the fix in HTML/Java API version 1.7.1 follows...

Mitsubishi Electric GOT2000 series and GT SoftGOT2000 (CVE-2021-20592)

Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010 and GT23 model communication driver versions 01.19.000 through 01.39.010 and GT SoftGOT2000 versions...

Mitsubishi Electric MELSEC-Q QJ71E71 series Improper Synchronization (CVE-2016-8368)

An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote attacker to conne...

PT-2022-1970 · Microsoft · Tablet Windows User Interface Application +1

Name of the Vulnerable Software and Affected Versions: Tablet Windows User Interface Application affected versions not specified Description: The issue is related to the use of a shared resource with incorrect synchronization in the Tablet Windows User Interface Application component of the...

PT-2022-1969 · Microsoft · Windows Dwm Core Library +1

Name of the Vulnerable Software and Affected Versions: Windows DWM Core Library affected versions not specified Description: The issue is related to the use of a shared resource with incorrect synchronization in the Windows DWM library of the Microsoft Windows operating system. This can allow an...

NTP time sync issue on VPX running on VMware platform

For Citrix ADC VPX instances deployed on VMware ESXi hypervisor, the Citrix ADC system time might go out of sync and consequently network time protocol NTP synchronization is lost. This problem occurs due to an issue with VMware ACPI timer emulation. tail -f ntpd.log 6 Dec 01:06:23 ntpd42663:...

CVE-2021-44564

A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device and apply a modified configuration file back to the device. The attack requires network access to...

The vulnerability of Google Chrome’s web storage mechanism, which allows a hacker to circumvent existing security restrictions

The vulnerability of Google Chrome browser-based web storage is caused by synchronization errors when using a common resource. Exploiting this vulnerability can allow an attacker to bypass existing security restrictions remotely...

PT-2025-8237

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock issue has been identified in the Linux kernel, specifically in the rtw joinbss event prehandle function. This occurs when two threads attempt to access the same lock,...

Huawei HarmonyOS APK unverified signature during installation vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a microkernel-based, fully distributed operating system. Huawei HarmonyOS has a security vulnerability that could be exploited by attackers to isolate and read synchronization files from other applications via UID sandboxing...

The vulnerability of the embedded software of NETGEAR routers such as NETGEAR GC108P, NETGEAR GC108PP, NETGEAR GS108Tv3, NETGEAR GS110TPP, NETGEAR GS110TPv3, NETGEAR GS110TUP, NETGEAR GS308T, NETGEAR GS310TP, NETGEAR GS710TUP, NETGEAR GS716TP, NETGEAR GS716TPP, NETGEAR GS724TPP, NETGEAR GS724TPv2, NETGEAR GS728TPPv2, NETGEAR GS728TPv2, NETGEAR GS750E, NETGEAR GS752TPP, NETGEAR GS752TPv2, NETGEAR MS510TXM, and NETGEAR MS510TXUP arises due to synchronization errors when using a shared resource. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the embedded software of NETGEAR routers such as NETGEAR GC108P, NETGEAR GC108PP, NETGEAR GS108Tv3, NETGEAR GS110TPP, NETGEAR GS110TPv3, NETGEAR GS110TUP, NETGEAR GS308T, NETGEAR GS310TP, NETGEAR GS710TUP, NETGEAR GS716TP, NETGEAR GS716TPP, NETGEAR GS724TPP, NETGEAR GS724TPv2...

The vulnerability of the libxpc library in operating systems such as Mac OS, tvOS, iOS, iPadOS, and watchOS allows attackers to escalate their privileges.

The vulnerability of the libxpc library in Mac OS, tvOS, iOS, iPadOS, and watchOS is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to gain increased privileges...

[SECURITY] Fedora 35 Update: isync-1.4.4-1.fc35

mbsync is a command line application which synchronizes mailboxes. Currently Maildir and IMAP4 mailboxes are supported. New messages, message deletions and flag changes can be propagated both ways. mbsync is suitable for use in IMAP-disconnected mode...

CVE-2021-41025

CVE-2021-41025 affects Fortinet FortiWeb’s confd authentication mechanism. Affected FortiWeb versions include 6.0.0–6.0.7, 6.1.0–6.1.2, 6.2.0–6.2.6, 6.3.0–6.3.15, 6.4.0–6.4.1. The issue comprises concurrent execution using a shared resource with improper synchronization and an authentication bypa...

CVE-2021-37086

There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers which can isolate and read synchronization files of other applications across the UID sandbox...

CVE-2021-37086

There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers which can isolate and read synchronization files of other applications across the UID sandbox...

CVE-2021-37086

There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers which can isolate and read synchronization files of other applications across the UID sandbox...

[SECURITY] Fedora 34 Update: isync-1.4.4-1.fc34

mbsync is a command line application which synchronizes mailboxes. Currently Maildir and IMAP4 mailboxes are supported. New messages, message deletions and flag changes can be propagated both ways. mbsync is suitable for use in IMAP-disconnected mode...

EFM ipTIME C200 IP Camera 操作系统命令注入漏洞

EFM ipTIME C200 IP Camera is a hardware device from EFM Korea. It provides a camera device for surveillance. The EFM ipTIME C200 IP Camera suffers from an operating system command injection vulnerability that stems from the fact that when the ipTIME C200 IP Camera is synchronized with the ipTIME...

PT-2021-7107 · Ldap +2 · Ldap +2

Name of the Vulnerable Software and Affected Versions: Tuleap versions prior to 13.2.99.83 Tuleap Enterprise Edition versions prior to 13.1-6 Tuleap Enterprise Edition versions prior to 13.2-4 Description: The issue exists due to improper sanitization of the search filter built from the ldap id...