CVE-2026-5774 Juju API Server Denial of Service and Authentication Replay via Unsynchronized Token Map

Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use discharge token...

EUVD-2025-27305

Malicious code in bioql PyPI...

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

The vulnerability of Intel microprogramming software, related to synchronization errors in control logic, allows attackers to exploit this to disclose protected information.

The vulnerability of Intel microprogramming software is related to synchronization errors in the control logic. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the parseProxyProtocolV1() function in the ProxyProtocolReadListener class of the Undertow web server allows a hacker to gain unauthorized access to protected information.

The vulnerability of the parseProxyProtocolV1 function in the ProxyProtocolReadListener class of the Undertow web server is related to the synchronization of requests and responses when processing the StringBuilder parameter. Exploiting this vulnerability can allow a remote attacker to gain...

Design/Logic Flaw

An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives due to a missing synchronization flaw, which impacts data availability and integrity. This issue...

CVE-2023-45084 Media caddy removal and reinsertion without reboot may cause data loss

An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives due to a missing synchronization flaw, which impacts data availability and integrity. This issue...

CVE-2023-45084 Media caddy removal and reinsertion without reboot may cause data loss

An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives due to a missing synchronization flaw, which impacts data availability and integrity. This issue...

CVE-2023-45084

SoftIron HyperCloud CVE-2023-45084 affects density storage nodes running HyperCloud 1.0–pre-2.0.3. A missing synchronization flaw allows removing and reinserting a drive caddy without reboot to cause the system to treat the caddy as new media, wiping all data on the drives. Impact: data availabil...

kernel: Linux kernel KVM: Denial of Service due to incorrect kvm_arm_init failure handling in finalize_pkvm

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for arm64 architectures. This vulnerability arises from a lack of synchronization between the finalizepkvm and kvmarminit initialization calls. A local attacker with low privileges could exploit this by triggering a scenario...

The vulnerability of the function dvb_frontend_test_event() in the driver drivers/media/dvb-core/dvb_frontend.c of the Linux operating system’s DVB kernel, which allows a hacker to cause a service failure.

The vulnerability of the function dvbfrontendtestevent in the driver drivers/media/dvb-core/dvbfrontend.c of the Linux operating system’s DVB kernel is related to incorrect use of synchronization mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of operating systems macOS, iOS, and iPadOS, related to synchronization errors when using shared resources (“Race Conditions”), allows attackers to read arbitrary files.

The vulnerability of operating systems macOS, iOS, and iPadOS is related to synchronization errors when using a shared resource “Race Condition”. Exploiting this vulnerability allows an attacker to read arbitrary files...

PT-2022-5375 · Apache +2 · Apache Tomcat +2

Name of the Vulnerable Software and Affected Versions: Apache Tomcat affected versions not specified Pandora FMS version 7.65 Description: The issue concerns errors in synchronization when using a shared resource in Apache Tomcat, potentially allowing a remote attacker to gain unauthorized access...

The vulnerability of the OverlayFS subsystem in Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the OverlayFS subsystem in Linux operating systems is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the fromData method implementation in the October CMS system allows a perpetrator to execute arbitrary code.

The vulnerability of the fromData method implementation in October CMS is related to the use of a shared resource with incorrect synchronization. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...

PT-2022-1970 · Microsoft · Tablet Windows User Interface Application +1

Name of the Vulnerable Software and Affected Versions: Tablet Windows User Interface Application affected versions not specified Description: The issue is related to the use of a shared resource with incorrect synchronization in the Tablet Windows User Interface Application component of the...

Design/Logic Flaw

Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010 and GT23 model communication driver versions 01.19.000 through 01.39.010 and GT SoftGOT2000 versions...

DEBIAN-CVE-2018-25008

In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::getmut method. This synchronization issue can be lead to memory safety issues through race conditions...

The vulnerability of JunOS operating system’s MX series routers lies in the simultaneous execution using shared resources with improper synchronization, allowing attackers to escalate their privileges, execute arbitrary code, or cause service failures.

The vulnerability of the JunOS operating system’s MX series routers lies in the simultaneous execution of processes using shared resources with incorrect synchronization. Exploiting this vulnerability allows a remote attacker to enhance their privileges, execute arbitrary code, or cause service...

The vulnerability of the Mojo messaging library in Google Chrome browsers allows attackers to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the Mojo messaging library in Google Chrome browsers is related to the simultaneous execution using a shared resource with incorrect synchronization. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause...