MiracleLinux 3 : kernel-2.6.18-53.17AXS3 (AXSA:2009-02:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-02:01 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

CVE-2026-20934

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...

CVE-2026-20853

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows WalletService allows an unauthorized attacker to elevate privileges locally...

CVE-2026-20830

Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an authorized attacker to elevate privileges locally...

CVE-2026-20867

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...

CVE-2026-20848

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...

CVE-2026-20814

CVE-2026-20814 is a local privilege-escalation in the Microsoft Graphics Kernel caused by a race condition when accessing a shared resource. An authorized local attacker could elevate privileges on affected Windows systems. The issue is documented in multiple sources (e.g., CVE lists and ENISA EU...

CVE-2025-71076

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...

UBUNTU-CVE-2025-71079

In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix deadlock between nfcunregisterdevice and rfkillfopwrite A deadlock can occur between nfcunregisterdevice and rfkillfopwrite due to lock ordering inversion between devicelock and rfkillglobalmutex. The problematic lo...

Windows Management Services Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...

Windows Management Services Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...

Windows SMB Server Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...

Windows SMB Server Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Graphics Kernel allows an authorized attacker to elevate privileges locally...

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Graphics Kernel allows an authorized attacker to elevate privileges locally...

Windows SMB Server Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...

Windows WalletService Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows WalletService allows an unauthorized attacker to elevate privileges locally...

Windows Management Services Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...

CVE-2025-71084

CVE-2025-71084 (Linux kernel) fixes a leak in the multicast GID table reference within RDMA/cm. If the CM ID is destroyed while the multicast creation event is queued, cancel_work_sync() can prevent the work from running and destroy ah_attr, causing a refcount leak and a WARN in kernel logs. Affe...

CVE-2025-71076

Technical details for CVE-2025-71076 are not publicly provided in the supplied documents. Monitor for updates for affected products, versions, exploitability, and remediation specifics.