EUVD-2025-34365

Concurrent execution using shared resource with improper synchronization 'race condition' in Inbox COM Objects allows an unauthorized attacker to execute code locally...

EUVD-2025-34396

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Graphics Component allows an authorized attacker to deny service locally...

CVE-2025-59282

Concurrent execution using shared resource with improper synchronization 'race condition' in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-59193

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...

CVE-2025-54973

A concurrent execution using shared resource with improper synchronization 'Race Condition' vulnerability CWE-362 in Fortinet FortiAnalyzer version 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10 and before 7.0.13 allows an attacker to attempt to win a race condition to bypass the...

Windows Graphics Component Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

Windows Hyper-V Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

Data Sharing Service Spoofing Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally...

PT-2025-42088

Name of the Vulnerable Software and Affected Versions Windows versions prior to the patchday containing the fix for CVE-2025-59196 Description A race condition exists within the Windows SSDP Service due to concurrent execution using a shared resource with improper synchronization. This allows an...

PT-2025-42014

Name of the Vulnerable Software and Affected Versions Microsoft Windows Hyper-V affected versions not specified Description A race condition exists in Windows Hyper-V during concurrent execution using shared resources with improper synchronization. This allows a locally authorized attacker to...

PT-2025-42087

Name of the Vulnerable Software and Affected Versions Microsoft Graphics Component affected versions not specified Description A race condition exists due to concurrent execution using a shared resource with improper synchronization within the Microsoft Graphics Component. This allows a local...

PT-2025-42063

Name of the Vulnerable Software and Affected Versions Windows Connected Devices Platform Service affected versions not specified Description A race condition exists within the Windows Connected Devices Platform Service due to concurrent execution using a shared resource with improper...

PT-2025-42037

Name of the Vulnerable Software and Affected Versions Windows Resilient File System ReFS affected versions not specified Description A race condition exists due to improper synchronization when concurrent processes access shared resources within Windows Resilient File System ReFS. This allows an...

CVE-2025-9621

The WidgetPack Comment System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.1. This is due to missing or incorrect nonce validation on the wpcmtsync action in the wpcmtrequesthandler function. This makes it possible for unauthenticated...

Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. CVE-2024-50154: tcp/dccp: Do not use timerpending in reqskqueueunlink bsc1233072...

EUVD-2025-33658

cross-zip is vulnerable to Directory Traversal through selective use of zip/unzip operations...

Drupal Synchronize composer.Json With Contrib Modules 安全漏洞

Drupal Synchronize composer.Json With Contrib Modules is a module management plugin for the Drupal community. A security vulnerability exists in Drupal Synchronize composer.Json With Contrib Modules, which stems from an issue when synchronizing composer.Json with contributed modules...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2025:0389-1 Rating: important References: 1251334 Cross-References: CVE-2025-11211 CVE-2025-11458 CVE-2025-11460 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes three vulnerabilities is now...

Linux Distros Unpatched Vulnerability : CVE-2023-53573

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: clk: rs9: Fix suspend/resume Disabling the cache in commit 2ff4ba9e3702 clk: rs9: Fix I2C...

ROS-20251008-07

Vulnerabilities The Go programming language vulnerability is related to synchronization errors when using a of a shared resource. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...