CVE-2019-2290

Multiple open and close from multiple threads will lead camera driver to access destroyed session data pointer in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W,...

EUVD-2017-17209

Malware in sbrugna...

EUVD-2012-2752

Malware in sbrugna...

EUVD-2018-11057

Malware in sbrugna...

EUVD-2017-0128

Malware in sbrugna...

EUVD-2025-23808

Malicious code in bioql PyPI...

CVE-2025-21456

Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently...

SUSE SLES15 Security Update : glibc (SUSE-SU-2025:01784-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01784-1 advisory. Security issues fixed: - CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen...

CVE-2024-12704

CVE-2024-12704 affects run-llama/llama_index version v0.12.5, specifically the LangChainLLM class. The vulnerability arises in the streaming path: stream_complete runs the LLM in a thread and returns results via StreamingGeneratorCallbackHandler.get_response_gen. If the thread terminates abnormal...

Huawei HarmonyOS Competitive Conditions Issue Vulnerability (CNVD-2025-07621)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a Competitive Condition Issue vulnerability that stems from a multi-threading issue that affects usability. An attacker could...

Huawei HarmonyOS 竞争条件问题漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a Competitive Condition Issue vulnerability that stems from a multi-threading issue that affects usability. An attacker could...

CVE-2022-49311

CVE-2022-49311 concerns a deadlock in the Linux kernel driver rtl8192bs (rtw_joinbss_event_prehandle) where a timer deletion under a spin_lock_bh caused a timer handler to wait on the same lock. The issue manifested as two threads blocking each other, risking an infinite hang. The documented fix ...

UBUNTU-CVE-2024-56613

In the Linux kernel, the following vulnerability has been resolved: sched/numa: fix memory leak due to the overwritten vma-numabstate Problem Description When running the hackbench program of LTP, the following memory leak is reported by kmemleak. /opt/ltp/testcases/bin/hackbench 20 thread 1000...

SUSE CVE-2013-2906

Multiple race conditions in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to threading in core/html/HTMLMediaElement.cpp,...

Mozilla: Use-after-free in InputStream implementation

The Mozilla Foundation Security Advisory describes this flaw as: Freeing arbitrary nsIInputStream's on a different thread than creation could have led to a use-after-free and potentially exploitable crash...

Mozilla: Use-after-free in InputStream implementation

The Mozilla Foundation Security Advisory describes this flaw as: Freeing arbitrary nsIInputStream's on a different thread than creation could have led to a use-after-free and potentially exploitable crash...

OPENSUSE-SU-2021:1374-1 Security update for glibc

This update for glibc fixes the following issues: - CVE-2021-35942: wordexp: handle overflow in positional parameter number bsc1187911 - CVE-2021-33574: Use pthreadattrcopy in mqnotify bsc1186489 This update was imported from the SUSE:SLE-15:Update update project...

GHSA-WCG3-CVX6-7396 Segmentation fault in time

Impact Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library. The...

curl: Race condition with CURL_LOCK_DATA_CONNECT can cause connections to be used at the same time

Summary: We've seen race conditions when using CURLLOCKDATACONNECT in libcurl where sometimes two different threads using two different easy handles ends up sharing the same connection pointer at the same time. This causes UAFs and double frees when both threads are freeing items on the same...

Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2326-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2326-1 advisory. A use-after-free was discovered in the SVG implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could...