| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. |
| Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. |
| Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. |
| Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. |
| Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network. |
| Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. |
| Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally. |
| Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
| Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
| Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| In the Linux kernel, the following vulnerability has been resolved:
ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put()
This reverts commit f51424872760 ("ASoC: fsl_xcvr: fix missing lock in fsl_xcvr_mode_put()").
The original patch attempted to acquire the card->controls_rwsem lock in
fsl_xcvr_mode_put(). However, this function is called from the upper ALSA
core function snd_ctl_elem_write(), which already holds the write lock on
controls_rwsem for the whole put operation. So there is no need to simply
hold the lock for fsl_xcvr_activate_ctl() again.
Acquiring the read lock while holding the write lock in the same thread
results in a deadlock and a hung task, as reported by Alexander Stein. |
