37 matches found

CNNVD
added 2026/05/12 12:0 a.m., 5 views

Ivanti Secure Access Client race condition vulnerability

Ivanti Secure Access Client is a security software client developed by the American company Ivanti. Versions of Ivanti Secure Access Client prior to 22.8R6 contained a race condition vulnerability. This vulnerability was caused by race conditions, which could lead to local authenticated users...

CVSS 7.8 | AI score 5.8 | EPSS 0.0003
Exploits 0 | References 1

OSV
added 2026/05/08 5:46 a.m., 2 views

BIT-JRE-2024-21085

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability...

CVSS 3.7 | AI score 6.4 | EPSS 0.001
Exploits 0 | References 5

OSV
added 2026/05/06 2:44 p.m., 1 view

BIT-JAVA-MIN-2024-21144

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability...

CVSS 3.7 | AI score 6.8 | EPSS 0.00048
Exploits 0 | References 4

OSV
added 2026/05/06 2:44 p.m., 2 views

BIT-JAVA-2024-21144

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability...

CVSS 3.7 | AI score 6.8 | EPSS 0.00048
Exploits 0 | References 4

CNNVD
added 2026/03/31 12:0 a.m., 3 views

Parse Server race condition vulnerability

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that runs Node.js. There were vulnerabilities due to concurrency issues in versions of Parse Server prior to 8.6.65 and 9.7.0-alpha.9. These vulnerabilities stemmed from the sensitive...

CVSS 8.2 | AI score 5.8 | EPSS 0.00023
Exploits 0 | References 5

NVD
added 2026/03/18 10:16 p.m., 2 views

CVE-2026-32723

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.35, SandboxJS timers have an execution-quota bypass. A global tick state currentTicks.current is shared between sandboxes. Timer string handlers are compiled at execution time using that global tick state rather than the scheduling...

CVSS 4.8 | EPSS 0.00005
Exploits 1 | References 2

Positive Technologies
added 2026/03/10 12:0 a.m., 3 views

PT-2026-24478

Name of the Vulnerable Software and Affected Versions: Sylius versions 1.9.12, 1.10.16, 1.11.17, 1.12.23, 1.13.15, 1.14.18, 2.0.16, 2.1.12, and 2.2.3 and above. Description: Sylius, an Open Source eCommerce Framework on Symfony, contains a Time-of-Check To Time-of-Use (TOCTOU) race condition in the...

CVSS 8.2 | AI score 5.8 | EPSS 0.00067
Exploits 0 | References 7

Cvelist
added 2026/02/06 8:42 a.m., 23 views

CVE-2026-24930

UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 8.4 | EPSS 0.00008
Exploits 0 | References 2

CVE
added 2026/02/06 8:42 a.m., 6 views

CVE-2026-24930

CVE-2026-24930 is a use-after-free (UAF) concurrency vulnerability in the graphics module that may affect system availability. Documented impact: availability; attack vector is local with low complexity and no user interaction required. Affected versions are described as prior to 2026; PT-2026-67...

CVSS 8.4 | AI score 5.3 | EPSS 0.00008
Exploits 0 | References 2 | Affected Software 1

ATTACKERKB
added 2026/02/06 8:42 a.m., 4 views

CVE-2026-24930

UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 8.4 | AI score 5.3 | EPSS 0.00008
Exploits 0 | References 3 | Affected Software 1

RedHat Linux
added 2025/11/11 1:58 p.m., 0 views

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

CVSS 7 | AI score 6 | EPSS 0.00073
Exploits 0 | References 8

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-22623

Malware in sbrugna...

CVSS 5.3 | AI score 6.9 | EPSS 0.0032
Exploits 0 | References 33

OSV
added 2025/08/22 11:36 a.m., 2 views

OESA-2025-2070 restic security update

restic is a backup program. It supports verification, encryption, snapshots and deduplication. Security Fixes: A vulnerability was found in Microsoft Azure Identity Library and Microsoft Authentication Library Cloud Software the affected version unknown. It has been rated as problematic. Using CWE...

CVSS 5.5 | AI score 6.7 | EPSS 0.00221
Exploits 0 | References 2

OSV
added 2025/08/22 11:36 a.m., 4 views

OESA-2025-2069 restic security update

restic is a backup program. It supports verification, encryption, snapshots and deduplication. Security Fixes: A vulnerability was found in Microsoft Azure Identity Library and Microsoft Authentication Library Cloud Software the affected version unknown. It has been rated as problematic. Using CWE...

CVSS 5.5 | AI score 6.7 | EPSS 0.00221
Exploits 0 | References 2

IBM Security Bulletins
added 2025/01/28 10:8 p.m., 26 views

Security Bulletin: IBM MQ is affected by a vulnerability in the IBM Semeru Runtime (CVE-2024-21144)

Summary: An issue was identified with IBM Semeru Runtime, version 17, which is used in IBM MQ Explorer. Vulnerability Details: CVEID: CVE-2024-21144. DESCRIPTION: An unspecified vulnerability in Java SE related to the Concurrency component could allow a remote attacker to cause low availability impac...

CVSS 3.7 | AI score 6 | EPSS 0.00048
Exploits 0 | Affected Software 1

OSV
added 2024/11/11 1:2 a.m., 1 view

USN-7097-1 openjdk-lts vulnerabilities

Andy Boothe discovered that the Networking component of OpenJDK 11 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. CVE-2024-21208 It was discovered that the Hotspot component of OpenJDK 11 did not...

CVSS 7.4 | AI score 7.5 | EPSS 0.00977
Exploits 0 | References 11

Redos
added 2024/08/26 12:0 a.m., 10 views

ROS-20240826-27

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...

CVSS 7.4 | AI score 7.5 | EPSS 0.00977
Exploits 0

Redos
added 2024/08/26 12:0 a.m., 7 views

ROS-20240826-26

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...

CVSS 7.4 | AI score 7.5 | EPSS 0.00977
Exploits 0

Redos
added 2024/08/26 12:0 a.m., 8 views

ROS-20240826-25

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...

CVSS 7.4 | AI score 7.5 | EPSS 0.00977
Exploits 0

CNNVD
added 2024/03/15 12:0 a.m., 2 views

AMD CPU security vulnerability

AMD CPUs are a family of CPUs from AMD. The AMD CPUs suffer from a race condition vulnerability that arises from improper handling of concurrent access when concurrent code requires mutually exclusive access to shared resources during operation of a networked system or product. An attacker...

CVSS 5.7 | AI score 5.1 | EPSS 0.01089
Exploits 0 | References 10