286 matches found
CVE-2025-27492
CVE-2025-27492 arises from a race condition in Windows Secure Channel (Schannel) due to improper synchronization on a shared resource, enabling a locally authenticated attacker to elevate privileges. The entry is supported by multiple sources noting a Windows Privilege Elevation vulnerability and...
Windows Secure Channel Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Secure Channel allows an authorized attacker to elevate privileges locally...
Siemens SCALANCE X-200RNA Switch Devices Concurrent Execution using Shared Resource with Improper Synchronization (CVE-2015-3196)
ssl/s3clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service race condition and double free via a crafted...
CVE-2024-43062
Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization...
CVE-2024-43062
Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization...
CVE-2024-43062 Use After Free in Camera Linux
Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization...
CVE-2024-43062
CVE-2024-43062 describes a memory corruption issue in Qualcomm chipsets caused by missing locks and checks on the DMA fence and improper synchronization. The vulnerability affects the DMA subsystem (fence synchronization) and is explained as a root-cause failure to properly synchronize access, le...
Race Condition
Duende.AccessTokenManagement is vulnerable to a Race condition. The vulnerability is due to improper synchronization in access token retrieval, allowing an attacker to obtain a token with incorrect scopes or resource indicators, potentially leading to unauthorized access...
CVE-2024-26578
Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly...
The vulnerability in the Firefox web browser and the Thunderbird email client arises from the simultaneous execution using a shared resource with incorrect synchronization, allowing an attacker to cause a service failure.
The vulnerability in the Firefox web browser and the Thunderbird email client is related to the simultaneous execution of processes using a shared resource with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the drivers/gpu/drm/vmwgfx cores of the Linux operating system, which allows a hacker to trigger a service failure
The vulnerability of the drivers/gpu/drm/vmwgfx cores in the Linux operating system is related to the simultaneous execution using shared resources with improper synchronization. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the hfsplus_file_truncate() function in the fs/hfsplus/extents.c component of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the hfsplusfiletruncate function in the fs/hfsplus/extents.c component of the Linux operating system is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...
Race Condition Vulnerability
github.com/moby/moby is vulnerable to a Race Condition. The vulnerability is due to improper synchronization in builder/builder-next/adapters/snapshot/layer.go within the EnsureLayer function, allowing concurrent builds to access shared resources without adequate safeguards, leading to resource...
Moderate: Red Hat Security Advisory: qemu-kvm security update
An update for qemu-kvm is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
qemu-kvm security update
9.0.0-10 - kvm-nbd-server-CVE-2024-7409-Avoid-use-after-free-when-c.patch RHEL-52617 - Resolves: RHEL-52617 CVE-2024-7409 qemu-kvm: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure rhel-9.5 9.0.0-9 -...
Moderate: Red Hat Security Advisory: qemu-kvm security update
An update for qemu-kvm is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
openSUSE Security Advisory (SUSE-SU-2024:3948-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:3744-1 Security update for qemu
This update for qemu fixes the following issues: Security fixes: - CVE-2024-8354: Fixed assertion failure in usbepget bsc1230834 - CVE-2024-8612: Fixed information leak in virtio devices bsc1230915 Update version to 8.2.7: Security fixes: - CVE-2024-7409: Fixed denial of service via improper...
Moderate: Red Hat Security Advisory: qemu-kvm security update
An update for qemu-kvm is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
QEMU: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...