8 matches found
CVE-2026-10655
The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...
CVE-2026-10655
Concrete details found: Zephyr’s asynchronous SNTP client (sntp_close_async) can race with the socket service poll thread. Closing the UDP socket descriptor from a different thread (SNTP timeout path) may free and reuse net_context while the poll thread holds a poller node, causing a use-after-fr...
[SECURITY] Fedora 41 Update: podman-tui-1.9.0-1.fc41
podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...
[SECURITY] Fedora 43 Update: podman-tui-1.8.0-1.fc43
podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...
[SECURITY] Fedora 41 Update: podman-tui-1.2.3-1.fc41
podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...
CVE-2023-51571
Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...
Design/Logic Flaw
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An attacker can authenticate with the web socket service of the ONLYOFFICE document editor which is protected by JWT auth by using a default JWT signing key...
The vulnerability of the Controller.class.php file on the high-performance PHP Workman server platform allows attackers to execute cross-site scripting attacks against Redis database management systems.
The vulnerability of the Controller.class.php file on the high-performance PHP Workman socket service platform is related to the lack of security measures for the web page structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...