23 matches found
Incorrect Synchronization
Overview @sveltejs/kit is a SvelteKit framework and CLI Affected versions of this package are vulnerable to Incorrect Synchronization via the query.batch function. An attacker can access data belonging to other users by exploiting a race condition that causes concurrent requests from different...
CVE-2026-21919
An Incorrect Synchronization vulnerability in the management daemon mgd of Juniper Networks Junos OS and Junos OS Evolved allows a network-based attacker with low privileges to cause a complete Denial-of-Service DoS of the management plane. When NETCONF sessions are quickly established and...
EUVD-2020-6221
Malware in sbrugna...
EUVD-2024-32713
Malicious code in bioql PyPI...
Incorrect Synchronization
Overview Affected versions of this package are vulnerable to Incorrect Synchronization in the checkCertId function, when processing multiple concurrent updates to a node's configuration, which can cause a panic. Remediation Upgrade chainmaker.org/chainmaker/net-libp2p/libp2pnet to version 1.2.7 o...
Incorrect Synchronization
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Incorrect Synchronization due to improper access control mechanisms. An attacker can view and delete any files by directly calling specific API endpoints without needing administrative privileges. This is onl...
CVE-2022-1931
Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3...
ROS-20240906-01
Vulnerability of ip6tnlrcv function in net/ipv6/ip6tunnel.c module of Linux kernel IPv6 protocol implementation is related to use of uninitialized memory. of the Linux operating system is related to the use of uninitialized memory. Exploitation of the vulnerability could allow a remote attacker t...
CVE-2024-5755
In lunary-ai/lunary versions =v1.2.11, an attacker can bypass email validation by using a dot character '.' in the email address. This allows the creation of multiple accounts with essentially the same email address e.g., '[email protected]' and '[email protected]', leading to incorrect...
CVE-2024-5755 Email Validation Bypass in lunary-ai/lunary
In lunary-ai/lunary versions =v1.2.11, an attacker can bypass email validation by using a dot character '.' in the email address. This allows the creation of multiple accounts with essentially the same email address e.g., '[email protected]' and '[email protected]', leading to incorrect...
CVE-2024-4154
In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged users to rename projects they do not have access to. Specifically, an unprivileged user can send a PATCH request to the project's endpoint with a new name for a project, despite not having the...
CVE-2024-4154 Incorrect Synchronization in lunary-ai/lunary
In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged users to rename projects they do not have access to. Specifically, an unprivileged user can send a PATCH request to the project's endpoint with a new name for a project, despite not having the...
CVE-2024-4154 Incorrect Synchronization in lunary-ai/lunary
In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged users to rename projects they do not have access to. Specifically, an unprivileged user can send a PATCH request to the project's endpoint with a new name for a project, despite not having the...
CVE-2024-4154
CVE-2024-4154 affects lunary-ai/lunary, version 1.2.2. The vulnerability is described as an incorrect synchronization flaw that lets unprivileged users rename projects they are not authorized to access by sending a PATCH to the project endpoint with a new name. This can lead to unauthorized modif...
Google Android 竞争条件问题漏洞
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which originates from concurrent execution of shared resources in the TEEI driver using incorrect synchronization contention condition. MT6879, MT6885, MT6893, MT6895,...
CVE-2022-1931
The CVE-2022-1931 entry concerns polonel/trudesk with an incorrect synchronization issue in versions prior to 1.2.3. The core problem is a synchronization flaw in the code path, as stated in multiple sources. According to the NVD entry, the vulnerability has a CVSS-3.1 base score of 8.1 (HIGH) wi...
CVE-2022-1931 Incorrect Synchronization in polonel/trudesk
Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3...
CVE-2020-14059
An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list...
CVE-2020-14059
An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list...
Design/Logic Flaw
An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list...