Lucene search
K

298 matches found

NVD
NVD
added 2026/06/28 12:17 p.m.9 views

CVE-2026-13489

A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of the file main/mcpserver.cc of the component MCP Response Handler. This manipulation causes improper synchronization. Remote exploitation of the attack is possible. The attack's...

3.1CVSS0.00228EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/28 10:45 a.m.34 views

CVE-2026-13489 78 xiaozhi-esp32 MCP Response mcp_server.cc ParseMessage improper synchronization

A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of the file main/mcpserver.cc of the component MCP Response Handler. This manipulation causes improper synchronization. Remote exploitation of the attack is possible. The attack's...

3.1CVSS0.00228EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/25 1:36 p.m.36 views

CVE-2026-46732

Dell Display and Peripheral Manager DDPM Mac, versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of...

6.7CVSS0.00075EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:36 p.m.10 views

EUVD-2026-39402

Dell Display and Peripheral Manager DDPM Mac, versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of...

6.7CVSS5.9AI score0.00075EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 5:6 p.m.11 views

EUVD-2026-35741

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

7.8CVSS5.6AI score0.00173EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.9 views

Windows Push Notifications Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

7.8CVSS5.7AI score0.00204EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.12 views

Windows Push Notifications Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

7.8CVSS5.7AI score0.00185EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.28 views

PT-2026-47905

Name of the Vulnerable Software and Affected Versions Windows Push Notifications affected versions not specified Description A race condition occurs in Windows Push Notifications due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileges...

7.8CVSS5.4AI score0.00185EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.15 views

PT-2026-47904

Name of the Vulnerable Software and Affected Versions Windows Push Notifications affected versions not specified Description A race condition occurs in Windows Push Notifications due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileges...

7.8CVSS5.9AI score0.00204EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.21 views

PT-2026-47914

Name of the Vulnerable Software and Affected Versions Windows Push Notifications affected versions not specified Description A race condition occurs in Windows Push Notifications due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileges...

7.8CVSS5.2AI score0.00173EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/04 7:50 p.m.7 views

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization in the process that forwards DoQ queries to UDP upstreams, where the DNS transaction ID txid is not preserved and is always set to 0, reducing entropy in the backend tuple. An attacker can increase the likelihoo...

6.9CVSS5.5AI score0.00047EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/12 6:30 p.m.23 views

EUVD-2026-29607

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

7.8CVSS5.9AI score0.00205EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 6:17 p.m.15 views

CVE-2026-34342

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally...

7CVSS0.0029EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/05/12 2:0 p.m.17 views

Windows Print Spooler Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally...

7CVSS5.9AI score0.0029EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.15 views

PT-2026-40161

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally...

7CVSS5.9AI score0.0029EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.14 views

PT-2026-40130

Name of the Vulnerable Software and Affected Versions Windows Native WiFi Miniport Driver versions prior to Server 2025 Description A race condition exists in the Windows Native WiFi Miniport Driver due to improper synchronization when using a shared resource. This allows an unauthorized remote...

7.5CVSS6.2AI score0.00297EPSS
Exploits0References13
Snyk
Snyk
added 2026/05/06 7:57 p.m.7 views

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

9.1CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/06 7:57 p.m.7 views

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

9.1CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/06 7:57 p.m.7 views

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

9.1CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/06 7:57 p.m.8 views

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

9.1CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder