Lucene search
K

15 matches found

OSV
OSV
added 2026/06/24 3:46 p.m.1 views

CVE-2026-54906 concurrent-ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can...

2.1CVSS5.9AI score0.0016EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/03/09 1:3 a.m.6 views

kernel: Linux kernel io_uring: Local privilege escalation, information disclosure, or denial of service via use-after-free

A flaw was found in the Linux kernel's iouring subsystem. A local attacker with low privileges could exploit a use-after-free vulnerability when the sq-thread object is prematurely released while still being accessed by the iouringshowfdinfo function. This flaw could lead to privilege escalation,...

7.8CVSS5.9AI score0.00159EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004348)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004348 advisory. In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional...

7CVSS7.1AI score0.00152EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001606)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001606 advisory. In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional...

7CVSS7.1AI score0.00152EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004122)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004122 advisory. In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional...

7CVSS7.1AI score0.00152EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-0030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no...

7CVSS7.1AI score0.00152EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/03 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from iouring releasing sq-thread after use in iouringshowfdinfo...

7.8CVSS7AI score0.00159EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.5 views

SUSE CVE-2020-0030

In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

7CVSS6.7AI score0.00152EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2021/11/10 10:37 a.m.3 views

Mozilla: Use-after-free in HTTP2 Session object

The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash...

8.8CVSS7.4AI score0.0111EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/11/10 9:58 a.m.4 views

Mozilla: Use-after-free in HTTP2 Session object

The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash...

8.8CVSS7.4AI score0.0111EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/11/03 7:52 p.m.3 views

Mozilla: Use-after-free in HTTP2 Session object

The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash...

8.8CVSS7.4AI score0.0111EPSS
Exploits0References4
OSV
OSV
added 2020/02/13 3:15 p.m.6 views

DEBIAN-CVE-2020-0030

In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

7CVSS7.1AI score0.00152EPSS
Exploits0References1
Prion
Prion
added 2020/02/13 3:15 p.m.17 views

Race condition

In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

6.9CVSS7AI score0.00152EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2020/02/13 2:22 p.m.29 views

CVE-2020-0030

In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

7CVSS7.2AI score0.00152EPSS
Exploits0
CNVD
CNVD
added 2019/04/04 12:0 a.m.2 views

Google Android Qualcomm Closed Source Component Input Validation Error Vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. An input validation error vulnerability exists in the Qualcomm closed source component in Android. An attacker can exploit this vulnerability to write arbitrary memory addresses passed by the use...

7.8CVSS7AI score0.00208EPSS
Exploits0References1
Rows per page
Query Builder