2492 matches found
CVE-2026-8337 Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys when sites are running concurrent public surveys and private surveys
Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...
CVE-2026-0393
The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...
CVE-2026-0393
CVE-2026-0393 affects CODESYS Visualization. Root cause: insufficient isolation of authentication data during concurrent login operations allows credentials to be exposed remotely between low-privileged visualization users, limited to the login phase within an active visualization session. Impact...
EUVD-2026-31266
The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...
CVE-2026-0393 CODESYS Visualization - Insufficiently Protected Credentials
The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...
CVE-2026-0393
The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...
CVE-2026-0393 CODESYS Visualization - Insufficiently Protected Credentials
The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...
PT-2026-42450
Name of the Vulnerable Software and Affected Versions CODESYS Visualization affected versions not specified Description Insufficient isolation of authentication data may cause the remote exposure of credentials between low privileged visualization users during concurrent login operations. This...
CODESYS Visualization 安全漏洞
CODESYS Visualization is a functional module developed by the German company CODESYS. It transforms the operation status of programs into a visual interface. There is a security vulnerability in CODESYS Visualization, which stems from insufficient authentication data isolation. This vulnerability...
GO-2026-4994 free5GC's BSF concurrent PUT /nbsf-management/v1/subscriptions/{subId} crashes the BSF process via concurrent map read/write on Subscriptions in github.com/free5gc/bsf
free5GC's BSF concurrent PUT /nbsf-management/v1/subscriptions/subId crashes the BSF process via concurrent map read/write on Subscriptions in github.com/free5gc/bsf...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix errant WARNONONCE in j1939SESSIONdeactivate The statement “j1939SESSIONdeactivate should be called with a session ref-count of at least 2” is incorrect. In some concurrent scenarios, j1939SESSIONdeactivate can be...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed a NULL pointer issue in freemrinit. A lock grab occurs in a concurrent scenario, resulting in dereferencing a NULL pointer. This issue should be addressed by using initmutexinit before attempting to lock...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed NULL dereferencing and use-after-free in smctcpsynrecvsock Syzkaller reported a panic in smctcpsynrecvsock. smctcpsynrecvsock is called in the TCP receive path softirq via icskafops-synrecvsock on the clcsock TCP...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Serialize sequence allocation under concurrent TLB invalidations With concurrent TLB invalidations, the completion wait timeouts occur randomly because the cmdsemval field was incremented outside of the IOMMU spinlock...
Mailpit: Concurrent map read & write in proxy CSS rewriter - remote unauth crash (fatal error: concurrent map read and map write)
Summary The screenshot/print proxy /proxy?data=… maintains a package-level assets mapstringMessageAssets cache, but reads the map without holding assetsMutex while a long-running cleanup goroutine and re-entrant CSS-rewriting code path concurrently write to it under the lock. When the...
GHSA-W4VJ-R5PG-3722 Mailpit: Concurrent map read & write in proxy CSS rewriter - remote unauth crash (fatal error: concurrent map read and map write)
Summary The screenshot/print proxy /proxy?data=… maintains a package-level assets mapstringMessageAssets cache, but reads the map without holding assetsMutex while a long-running cleanup goroutine and re-entrant CSS-rewriting code path concurrently write to it under the lock. When the...
PT-2026-41967
Summary The screenshot/print proxy /proxy?data=… maintains a package-level assets mapstringMessageAssets cache, but reads the map without holding assetsMutex while a long-running cleanup goroutine and re-entrant CSS-rewriting code path concurrently write to it under the lock. When the...
OpenTelemetry eBPF Instrumentation: CappedConcurrentHashMap leaks keys after removals
Summary The custom CappedConcurrentHashMap introduced for Java TLS state tracking never removes keys from its insertion-order queue when entries are deleted. In long-running instrumented JVMs, repeated connection churn can therefore grow the queue without bound and exhaust heap memory. Details Th...
Exploit for Uncontrolled Resource Consumption in Siemens Simatic_S7-1500_Cpu_1518F-4_Pn\/Dp_Mfp_Firmware
CVE-2023-44487 — HTTP/2 Rapid Reset Test Lab Educational envi...
BIT-GRAFANA-2026-28379 Viewer-triggered race condition in Grafana Live leads to complete server crash
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...