Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-34892

Summary
Assigner-zdi
Assigner Org ID-99f1926a-a320-47d8-bbb5-42feb611262e
Published At-18 Jul, 2022 | 14:17
Updated At-03 Aug, 2024 | 09:22
Rejected At-
Credits

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update machanism. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16396.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:zdi
Assigner Org ID:99f1926a-a320-47d8-bbb5-42feb611262e
Published At:18 Jul, 2022 | 14:17
Updated At:03 Aug, 2024 | 09:22
Rejected At:
▼CVE Numbering Authority (CNA)

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update machanism. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16396.

Affected Products
Vendor
Parallels International GmbhParallels
Product
Desktop
Versions
Affected
  • Parallels Desktop 17.1.1
Problem Types
TypeCWE IDDescription
CWECWE-362CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Type: CWE
CWE ID: CWE-362
Description: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Metrics
VersionBase scoreBase severityVector
3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
aegis
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.parallels.com/125013
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-22-943/
x_refsource_MISC
Hyperlink: https://kb.parallels.com/125013
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-22-943/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.parallels.com/125013
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-22-943/
x_refsource_MISC
x_transferred
Hyperlink: https://kb.parallels.com/125013
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-22-943/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:zdi-disclosures@trendmicro.com
Published At:18 Jul, 2022 | 15:15
Updated At:28 Jul, 2022 | 13:53

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update machanism. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16396.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Parallels International Gmbh
parallels
>>parallels_desktop>>17.1.1
cpe:2.3:a:parallels:parallels_desktop:17.1.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-362Primaryzdi-disclosures@trendmicro.com
CWE ID: CWE-362
Type: Primary
Source: zdi-disclosures@trendmicro.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://kb.parallels.com/125013zdi-disclosures@trendmicro.com
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-22-943/zdi-disclosures@trendmicro.com
Third Party Advisory
VDB Entry
Hyperlink: https://kb.parallels.com/125013
Source: zdi-disclosures@trendmicro.com
Resource:
Vendor Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-22-943/
Source: zdi-disclosures@trendmicro.com
Resource:
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

60Records found
CVE-2017-16001
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.99%
||
7 Day CHG~0.00%
Published-06 Nov, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.1, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges.

Action-Not Available
Vendor-n/aHashiCorp, Inc.
Product-vagrantn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2016-9794
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.72%
||
7 Day CHG~0.00%
Published-28 Dec, 2016 | 07:42
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2016-9806
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.20%
||
7 Day CHG~0.00%
Published-28 Dec, 2016 | 07:42
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-415
Double Free
CVE-2022-31645
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.34%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 17:07
Updated-30 Dec, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.

Action-Not Available
Vendor-HP Inc.
Product-zbook_studio_g5_firmwareprodesk_600_g2_desktop_minielitedesk_800_g8_tower_firmwarez2_mini_g5_workstation_firmwareelitebook_845_g8eliteone_1000_g2_23.8-in_all-in-one_business_firmwareprodesk_600_g5_small_form_factorprobook_640_g7zhan_66_pro_g3_24_all-in-oneprodesk_680_g2_microtowerengage_flex_pro-c_retail_systemzhan_66_pro_14_g2probook_630_g8_firmwareelitebook_x360_830_g5_firmwareelitebook_x360_830_g5elitedesk_880_g8_towerelitebook_1040_g3_firmwareprodesk_400_g5_desktop_minielite_x2_1013_g3pro_x360_fortis_g10engage_flex_pro-c_retail_system_firmwareeliteone_800_g3_23.8_non-touch_all-in-one_business_firmwareelite_x360_830_g9_2-in-1_firmwareproone_400_g6_24_all-in-one_firmwareprodesk_400_g5_small_form_factorprobook_445_g6pro_tower_400_g9_firmwareelitebook_840_g7_firmwareprobook_445_g7prodesk_400_g5_desktop_mini_firmwareeliteone_800_g3_23.8-inch_touch_gpu_all-in-onezbook_17_g6probook_650_g8_firmwarezbook_studio_g9elitebook_630_g9_firmwareeliteone_800_g4_23.8-inch_non-touch_gpu_all-in-onezbook_fury_17_g7_firmwareprobook_645_g4_firmwarezhan_66_pro_14_g3elitebook_836_g6prodesk_600_g4_small_form_factorzbook_17_g6_firmwarez2_tower_g8_workstation_firmwareelitedesk_805_g6_small_form_factoreliteone_800_g3_23.8-inch_touch_all-in-one_firmwarez2_tower_g8_workstationz2_tower_g5_workstation_firmwareelitebook_850_g5_firmwareeliteone_800_g3_23.8-inch_non-touch_all-in-oneelite_tower_600_g9_firmwarez2_small_form_factor_g8_workstationelite_slice_g2_firmwareelitebook_x360_1030_g7_firmwareelitedesk_800_g4_tower_firmwareelite_tower_880_g9_firmwarezbook_fury_15_g7prodesk_600_g6_microtower_firmwareelitedesk_800_g8_desktop_mini_firmwarezhan_66_pro_15_g3zbook_power_g9elitedesk_800_g8_small_form_factor_firmwareprodesk_400_g4_desktop_mini_firmwareelitebook_x360_1040_g8_firmwaremt46_mobile_thin_client_firmwareelitebook_865_g9elitedesk_800_g5_desktop_minielitedesk_705_g3probook_x360_11_g6_eeprodesk_405_g6_desktop_mini_firmwareeliteone_1000_g1_23.8-in_all-in-one_businesselitebook_840_g5_firmwareelitedesk_800_65w_g2_desktop_minipro_tower_480_g9prodesk_400_g5_microtower_firmwareelitebook_835_g8eliteone_1000_g2_23.8-in_all-in-one_businesselitebook_x360_1030_g8probook_640_g5proone_600_g3_21.5-inch_non-touch_all-in-one_firmwareprodesk_680_g3_microtowerprodesk_405_g4_small_form_factor_firmwareelitedesk_800_95w_g4_desktop_miniprodesk_600_g2_desktop_mini_firmwareprobook_x360_11_g4_ee_firmwareeliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_firmwareeliteone_1000_g1_27-in_4k_uhd_all-in-one_business_firmwareelite_dragonfly_g2elitebook_830_g6z2_small_form_factor_g4_workstationelite_x360_1040_g9_2-in-1probook_430_g6_firmwareeliteone_800_g5_23.8-inch_all-in-oneprobook_650_g5_firmwarez1_entry_tower_g5_workstationprobook_x360_435_g7_firmwareprobook_x360_11_g6_ee_firmwareelite_x2_1012_g2_firmwareproone_400_g4_20-inch_non-touch_all-in-one_business_firmwarezbook_fury_17_g8z1_entry_tower_g5_workstation_firmwareprodesk_400_g6_microtowerelitedesk_800_g4_small_form_factorelitedesk_705_g4_small_form_factor_firmwareprodesk_600_g6_desktop_minielitebook_x360_830_g7probook_445_g7_firmwareelitebook_x360_1040_g8elitedesk_705_g3_firmwareprobook_450_g5probook_450_g6_firmwareprobook_455_g5probook_430_g5_firmwareelitebook_836_g5_firmwareprobook_650_g7_firmwarezbook_17_g5proone_440_g4_23.8-inch_non-touch_all-in-one_business_firmwarezhan_66_pro_15_g3_firmwareproone_400_g4_23.8-inch_non-touch_all-in-one_businessprobook_440_g7elite_folio_2-in-1elitedesk_705_g4_small_form_factorprodesk_400_g4_microtower_firmwareelite_tower_880_g9z2_tower_g5_workstationelitedesk_800_35w_g2_desktop_minielite_x2_1012_g1_firmwareproone_600_g5_21.5-in_all-in-one_business_firmwareelitebook_865_g9_firmwareelite_tower_600_g9proone_400_g3_20-inch_touch_all-in-one_firmwareelitebook_830_g8_firmwareelitedesk_800_g5_tower_firmwareprodesk_600_g3_microtowerprodesk_400_g4_microtowerpro_tower_400_g9prodesk_480_g6_microtower_firmwareelitebook_845_g9zbook_firefly_14_g7zbook_fury_15_g8eliteone_840_23.8_inch_g9_all-in-oneprodesk_405_g6_desktop_miniproone_400_g2_20-inch_touch_all-in-one_firmwaremp9_g4_retail_systemz2_small_form_factor_g5_workstationprobook_445_g8elitebook_855_g7_firmwareelitebook_x360_830_g8probook_470_g5_firmwareelitedesk_805_g8_small_form_factorelitebook_860_g9_firmwareprobook_455_g7elite_tower_800_g9_firmwareproone_400_g2_20-inch_touch_all-in-oneelitebook_x360_830_g6probook_635_aero_g8_firmwareprodesk_405_g4_desktop_mini_firmwareelitebook_835_g9_firmwarepro_sff_400_g9probook_445_g6_firmwareprobook_445_g9proone_440_g6_24_all-in-one_firmwareprodesk_600_g3_desktop_miniz2_small_form_factor_g5_workstation_firmwareelitebook_645_g9_firmwareelitedesk_800_g6_small_form_factorz2_tower_g4_workstationelitedesk_800_65w_g3_desktop_mini_firmwarezbook_studio_g7elitebook_835_g8_firmwareeliteone_800_g4_23.8-in_all-in-one_businesselitedesk_800_g5_desktop_mini_firmwareproone_400_g6_20_all-in-onezbook_fury_15_g7_firmwarezbook_power_g8_firmwareeliteone_800_g3_23.8_non-touch_all-in-one_businessprobook_640_g8_firmwarezbook_14u_g5_firmwareprodesk_480_g6_microtowermt45_mobile_thin_client_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_businessz1_g9_towerprodesk_600_g2_small_form_factorelite_mini_600_g9elitebook_845_g7_firmwareprodesk_600_g4_small_form_factor_firmwarez2_mini_g5_workstationzhan_66_pro_a_14_g5elitebook_1040_g4probook_x360_11_g3_eeelitebook_735_g5eliteone_800_g3_23.8-inch_touch_all-in-oneelitebook_1040_g9_firmwareelitebook_735_g5_firmwareelitedesk_800_g8_desktop_miniprodesk_400_g6_desktop_mini_firmwareelitebook_846_g5_firmwareelite_mini_800_g9zbook_fury_17_g7proone_440_g5_23.8-in_all-in-one_businessprodesk_400_g6_microtower_firmwareprobook_fortis_g10elitebook_835_g7proone_400_g3_20-inch_touch_all-in-onezbook_14u_g6proone_400_g4_20-inch_non-touch_all-in-one_businesselitebook_755_g5zbook_15u_g6_firmwareelitedesk_800_g4_towerprobook_440_g8prodesk_400_g4_desktop_minielitebook_735_g6proone_400_g6_20_all-in-one_firmwareprobook_455_g9elitedesk_800_g2_small_form_factor_firmwareprobook_640_g5_firmwareprobook_440_g6proone_400_g5_23.8-inch_all-in-one_businessprobook_450_g6z1_g8_towerprobook_630_g8probook_650_g8probook_650_g4_firmwarezbook_firefly_15_g8_firmwareprobook_450_g9zhan_x_13_g2zbook_studio_g5proone_600_g2_21.5-inch_non-touch_all-in-oneelitebook_860_g9elitedesk_800_65w_g3_desktop_minieliteone_800_g4_23.8-inch_touch_gpu_all-in-oneelite_x360_830_g9_2-in-1eliteone_1000_g2_34-in_curved_all-in-one_businessprodesk_600_g5_desktop_mini_firmwareprobook_430_g8z2_mini_g4_workstation_firmwaremt44_mobile_thin_clientprodesk_680_g3_microtower_firmwareelitebook_x360_1040_g7elitebook_830_g9elite_x2_g4zbook_15_g5probook_455_g8prodesk_600_g4_microtower_firmwareelitebook_830_g8elitebook_840_g9_firmwareprodesk_400_g7_microtowerprodesk_600_g6_small_form_factor_firmwareelitedesk_800_g6_desktop_mini_firmwarezhan_66_pro_a_14_g4eliteone_1000_g2_23.8-in_touch_all-in-one_business_firmwareelitebook_x360_830_g8_firmwareeliteone_1000_g1_34-in_curved_all-in-one_business_firmwarezhan_66_pro_a_14_g3_firmwareprobook_445_g8_firmwarezhan_66_pro_14_g4elite_dragonfly_g3zhan_66_pro_g3_22_all-in-oneeliteone_800_g3_23.8-inch_touch_gpu_all-in-one_firmwareprobook_455_g5_firmwareprodesk_480_g5_microtower_firmwareengage_one_pro_aio_systemelitebook_830_g7elitebook_640_g9probook_455_g6_firmwareprodesk_600_g4_microtowerprodesk_405_g4_small_form_factormp9_g2_retail_system_firmwareelite_slicez2_mini_g4_workstationelitedesk_705_g4_workstation_firmwareprobook_440_g6_firmwareelitebook_x360_830_g6_firmwareelitebook_830_g6_firmwareelite_tower_680_g9elitedesk_800_65w_g4_desktop_mini_firmwarezhan_66_pro_g1_firmwareeliteone_800_g6_24_all-in-oneelite_x2_g4_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_firmwarezhan_66_pro_13_g2_firmwareelitebook_x360_830_g7_firmwareengage_go_10_mobile_system_firmwareelite_dragonfly_g3_firmwareelite_dragonfly_g2_firmwareprobook_x360_11_g7_eeelitebook_x360_1030_g3_firmwareelitebook_1030_g1elite_mini_800_g9_firmwareelitebook_645_g9zbook_firefly_16_g9_firmwareproone_400_g5_23.8-inch_all-in-one_business_firmwareelite_sff_600_g9elitedesk_705_g4_microtower_firmwarezhan_66_pro_15_g2_firmwarezhan_66_pro_14_g4_firmwarezbook_firefly_15_g7elitedesk_800_35w_g4_desktop_mini_firmwareproone_440_g6_24_all-in-onezbook_power_g9_firmwareelitebook_845_g8_firmwareprobook_640_g8elitebook_830_g9_firmwarezhan_66_pro_g1elitedesk_705_g4_microtowereliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_firmwarerp9_g1_retail_system_firmwareelitebook_840_g7elitebook_1050_g1elitedesk_800_g6_small_form_factor_firmwareengage_one_aio_system_firmwaredragonfly_folio_g3_2-in-1prodesk_400_g7_microtower_firmwareelitebook_850_g5zbook_power_g7elite_mini_600_g9_firmwareeliteone_1000_g1_23.8-in_touch_all-in-one_businesselitebook_630_g9elitebook_x360_1040_g6_firmwareelitebook_x360_1030_g4_firmwareprobook_x360_11_g3_ee_firmwarezhan_66_pro_14_g3_firmwareprodesk_400_g5_microtowerproone_600_g2_21.5-inch_touch_all-in-oneelite_folio_2-in-1_firmwareproone_600_g2_21.5-inch_touch_all-in-one_firmwarezhan_66_pro_a_14_g3elitedesk_800_35w_g3_desktop_mini_firmwarezbook_power_g8probook_440_g8_firmwareelitedesk_880_g5_tower_firmwareprodesk_600_g2_microtowerzbook_15_g6_firmwareelite_sff_800_g9elitedesk_880_g6_tower_firmwareeliteone_1000_g1_27-in_4k_uhd_all-in-one_businessprodesk_600_g4_desktop_minizbook_fury_16_g9proone_400_g3_20-inch_non-touch_all-in-onezbook_create_g7_firmwareproone_440_g4_23.8-inch_non-touch_all-in-one_businessprobook_fortis_g10_firmwareelitebook_840_g5mt46_mobile_thin_clientprobook_440_g5proone_440_23.8_inch_g9_all-in-oneprodesk_600_g2_microtower_firmwareeliteone_800_g6_27_all-in-oneproone_600_g5_21.5-in_all-in-one_businesszhan_66_pro_a_14_g4_firmwarezhan_66_pro_g3_24_all-in-one_firmwareelitebook_1050_g1_firmwareelitebook_755_g5_firmwareelitedesk_800_65w_g2_desktop_mini_firmwaredragonfly_folio_g3_2-in-1_firmwareprobook_640_g4probook_455_g9_firmwareproone_600_g3_21.5-inch_non-touch_all-in-oneprobook_445r_g6_firmwareelitedesk_800_95w_g4_desktop_mini_firmwareprodesk_400_g5_small_form_factor_firmwareprodesk_600_g3_small_form_factor_firmwareprodesk_600_g6_desktop_mini_firmwareprodesk_600_g6_firmwarezhan_66_pro_13_g2elite_dragonflyprobook_440_g5_firmwareprodesk_400_g6_small_form_factor_firmwareprodesk_600_g6_small_form_factorelite_dragonfly_maxeliteone_800_g3_23.8-inch_non-touch_all-in-one_firmwareproone_400_g3_20-inch_non-touch_all-in-one_firmwareelitedesk_800_g6_desktop_minizbook_14u_g6_firmwareprobook_445r_g6mt45_mobile_thin_clientprodesk_400_g6_small_form_factorzbook_15_g6eliteone_800_g8_27_all-in-onez2_small_form_factor_g4_workstation_firmwareelitebook_835_g7_firmwareelitebook_745_g5_firmwareelitebook_850_g6_firmwareelitebook_1040_g3probook_430_g8_firmwareprodesk_405_g6_small_form_factor_firmwareelitedesk_800_g5_towerprobook_fortis_g9_firmwareeliteone_800_g4_23.8-inch_touch_all-in-oneprodesk_405_g4_desktop_miniprobook_470_g5z1_g9_tower_firmwareelite_x2_1012_g1zbook_firefly_16_g9elitebook_840_g8probook_640_g4_firmwareelitebook_846_g5z2_small_form_factor_g8_workstation_firmwareprobook_455r_g6_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_firmwareelite_x360_1040_g9_2-in-1_firmwareelitedesk_800_g2_small_form_factorelitedesk_800_g6_towerengage_go_mobile_systemeliteone_1000_g2_34-in_curved_all-in-one_business_firmwarezbook_17_g5_firmwareproone_440_23.8_inch_g9_all-in-one_firmwareelitedesk_800_65w_g4_desktop_minielitebook_830_g5prodesk_480_g7_firmwareelitebook_640_g9_firmwareelitebook_x360_1040_g6elitebook_840_g6_firmwarezhan_66_pro_15_g2prodesk_400_g4_small_form_factormt44_mobile_thin_client_firmwareelitebook_735_g6_firmwareelitedesk_805_g6_desktop_minizbook_firefly_14_g7_firmwarez1_entry_tower_g6_workstationelitebook_745_g5probook_440_g9eliteone_800_g2_23-inch_touch_all-in-one_firmwareelitedesk_800_g4_workstationpro_x360_fortis_g9_firmwareelitebook_855_g8elitedesk_705_g4_desktop_mini_firmwareelitebook_1030_g1_firmwareelitedesk_805_g8_desktop_mini_firmwareelitedesk_800_g4_workstation_firmwareelitebook_745_g6_firmwareelite_sff_800_g9_firmwareelitedesk_800_g5_small_form_factor_firmwareelitedesk_880_g5_towerelitedesk_800_g4_small_form_factor_firmwareeliteone_800_g8_24_all-in-one_firmwareeliteone_800_g6_24_all-in-one_firmwareelitebook_836_g6_firmwareelitebook_x360_1030_g7probook_x360_11_g5_eeprobook_440_g9_firmwareelitebook_x360_1040_g7_firmwareprobook_x360_440_g1mp9_g2_retail_systemelitedesk_880_g4_towereliteone_800_g4_23.8-inch_non-touch_all-in-oneelitedesk_880_g8_tower_firmwareelite_tower_800_g9elitebook_x360_1040_g5prodesk_400_g3_desktop_mini_firmwareelitedesk_800_g3_tower_firmwareeliteone_800_g3_23.8-inch_non-touch_gpu_all-in-oneeliteone_840_23.8_inch_g9_all-in-one_firmwarezbook_fury_17_g8_firmwareelitebook_850_g8elitebook_835_g9elite_sff_600_g9_firmwareprodesk_680_g4_microtower_firmwareelitedesk_705_g4_desktop_minielitebook_x360_1030_g4eliteone_800_g6_27_all-in-one_firmwareprodesk_400_g3_desktop_minirp9_g1_retail_systemprodesk_680_g2_microtower_firmwareprobook_x360_440_g1_firmwareprodesk_680_g4_microtowerengage_one_aio_systemzbook_15_g5_firmwareeliteone_800_g2_23-inch_non-touch_all-in-one_firmwarez1_entry_tower_g6_workstation_firmwareprobook_455_g8_firmwareprobook_x360_435_g8probook_640_g7_firmwareelitedesk_805_g6_desktop_mini_firmwareelitebook_840_g6eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_firmwareengage_flex_mini_retail_system_firmwareelitedesk_880_g3_tower_firmwareprobook_455_g6elitebook_850_g8_firmwareelite_x2_g8probook_x360_11_g4_eezbook_studio_g9_firmwareprobook_450_g8elitedesk_800_g3_towereliteone_800_g8_24_all-in-oneelitedesk_705_g5_small_form_factor_firmwarezbook_studio_g8_firmwareprodesk_600_g3_small_form_factorprodesk_480_g7prodesk_600_g5_microtowerelitebook_840_aero_g8_firmwareprodesk_680_g6elite_x2_1012_g2proone_400_g4_23.8-inch_non-touch_all-in-one_business_firmwareprobook_450_g9_firmwareeliteone_1000_g1_34-in_curved_all-in-one_businessprobook_445_g9_firmwareelitebook_840_g9prodesk_600_g5_desktop_miniprodesk_600_g2_small_form_factor_firmwareelitedesk_800_g8_small_form_factorprodesk_400_g7_small_form_factorzbook_studio_x360_g5zbook_15u_g6zbook_studio_x360_g5_firmwareproone_400_g6_24_all-in-oneprodesk_600_g5_small_form_factor_firmwareengage_go_10_mobile_systemprodesk_480_g4_microtowerelitedesk_800_35w_g3_desktop_minizbook_firefly_15_g8eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_firmwareproone_400_g2_20-inch_non-touch_all-in-one_firmwareelite_dragonfly_max_firmwarepro_x360_fortis_g10_firmwareprobook_x360_435_g8_firmwarezbook_studio_g7_firmwarezbook_firefly_15_g7_firmwareeliteone_800_g4_23.8-in_all-in-one_business_firmwareengage_one_pro_aio_system_firmwareprodesk_400_g7_small_form_factor_firmwarezbook_15u_g5elitebook_855_g8_firmwareproone_400_g5_20-inch_all-in-one_business_firmwareeliteone_800_g5_23.8-in_all-in-oneelite_x2_1013_g3_firmwareprobook_x360_435_g7elitedesk_705_g5_desktop_minielitebook_830_g7_firmwareengage_go_mobile_system_firmwarepro_x360_fortis_g9elitebook_850_g6probook_450_g7prodesk_680_g6_firmwareproone_440_g5_23.8-in_all-in-one_business_firmwareproone_600_g6_22_all-in-onezhan_66_pro_a_14_g5_firmwareprobook_450_g7_firmwareeliteone_800_g2_23-inch_non-touch_all-in-onepro_mini_400_g9zbook_fury_15_g8_firmwareelitedesk_800_g8_towerelite_tower_680_g9_firmwareprobook_650_g4zbook_fury_16_g9_firmwareelitedesk_705_g5_small_form_factorprobook_650_g5z2_tower_g4_workstation_firmwareeliteone_1000_g1_23.8-in_all-in-one_business_firmwareelitedesk_800_g3_small_form_factorelitedesk_805_g6_small_form_factor_firmwareprodesk_405_g8_desktop_mini_firmwarezbook_create_g7zhan_66_pro_14_g2_firmwareprodesk_405_g8_small_form_factoreliteone_1000_g2_23.8-in_touch_all-in-one_businessprodesk_405_g8_desktop_minielitebook_745_g6elitebook_650_g9_firmwareprobook_430_g6eliteone_800_g5_23.8-inch_all-in-one_firmwareprodesk_480_g5_microtowerengage_flex_pro_retail_system_firmwareelitebook_1040_g9elitebook_x360_1030_g3zhan_66_pro_g5_firmwareprodesk_600_g5_microtower_firmwarezhan_66_pro_g3_22_all-in-one_firmwareprodesk_480_g4_microtower_firmwareprodesk_600_g6zhan_x_13_g2_firmwareelitedesk_880_g3_towerprodesk_600_g6_microtowerpro_mini_400_g9_firmwareprobook_455r_g6probook_430_g7elitebook_650_g9prodesk_405_g8_small_form_factor_firmwareprobook_450_g8_firmwarepro_sff_400_g9_firmwareelitebook_836_g5elitedesk_880_g4_tower_firmwareproone_600_g2_21.5-inch_non-touch_all-in-one_firmwareproone_400_g5_20-inch_all-in-one_businesselitebook_855_g7elitedesk_800_35w_g2_desktop_mini_firmwareprobook_x360_11_g7_ee_firmwareproone_400_g2_20-inch_non-touch_all-in-oneprodesk_400_g6_desktop_minielitedesk_800_g6_tower_firmwareelitedesk_880_g6_towerprobook_650_g7probook_455_g7_firmwareprodesk_405_g6_small_form_factorelite_dragonfly_firmwareproone_480_g3_20-inch_non-touch_all-in_oneelitebook_840_g8_firmwarepro_tower_480_g9_firmwareelitebook_850_g7zbook_firefly_14_g8elitebook_x360_1040_g5_firmwareprobook_430_g5probook_430_g7_firmwarezbook_power_g7_firmwareelitedesk_705_g5_desktop_mini_firmwareprobook_x360_11_g5_ee_firmwareprodesk_600_g3_microtower_firmwarezbook_firefly_14_g8_firmwareeliteone_800_g5_23.8-in_all-in-one_firmwareelite_slice_g2elitebook_845_g7elitebook_850_g7_firmwareelitebook_655_g9elitebook_1040_g4_firmwareelitebook_840_aero_g8probook_450_g5_firmwareelitedesk_800_35w_g4_desktop_miniprodesk_400_g4_small_form_factor_firmwareelite_x2_g8_firmwareelitedesk_800_g3_small_form_factor_firmwareeliteone_800_g8_27_all-in-one_firmwareproone_480_g3_20-inch_non-touch_all-in_one_firmwarezbook_14u_g5elitebook_x360_1030_g8_firmwarezbook_firefly_14_g9eliteone_1000_g1_23.8-in_touch_all-in-one_business_firmwaremp9_g4_retail_system_firmwareelitebook_840r_g4probook_645_g4elitedesk_800_g5_small_form_factorelite_slice_firmwareelitedesk_705_g4_workstationelitedesk_805_g8_desktop_miniz1_g8_tower_firmwareengage_flex_mini_retail_systemeliteone_800_g4_23.8-inch_touch_all-in-one_firmwarezbook_studio_g8elitebook_845_g9_firmwareprobook_635_aero_g8probook_440_g7_firmwareprodesk_600_g3_desktop_mini_firmwarezbook_15u_g5_firmwareproone_600_g6_22_all-in-one_firmwareelitebook_655_g9_firmwareelitedesk_805_g8_small_form_factor_firmwareengage_flex_pro_retail_systemelitebook_830_g5_firmwareelitebook_840r_g4_firmwarezhan_66_pro_g5eliteone_800_g2_23-inch_touch_all-in-onezbook_firefly_14_g9_firmwareproone_600_g4_21.5-inch_touch_all-in-one_businessprodesk_600_g4_desktop_mini_firmwareprobook_fortis_g9HP PC BIOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-28768
Matching Score-4
Assigner-Zoom Video Communications, Inc.
ShareView Details
Matching Score-4
Assigner-Zoom Video Communications, Inc.
CVSS Score-8.8||HIGH
EPSS-0.18% / 40.54%
||
7 Day CHG~0.00%
Published-17 Nov, 2022 | 22:36
Updated-29 Apr, 2025 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local Privilege Escalation in Zoom Client Installer for macOS

The Zoom Client for Meetings Installer for macOS (Standard and for IT Admin) before version 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to root.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meetingsZoom Client for Meetings Installer for macOS (Standard and for IT Admin)
CWE ID-CWE-689
Permission Race Condition During Resource Copy
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-24986
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.40%
||
7 Day CHG~0.00%
Published-26 Feb, 2022 | 04:06
Updated-03 Aug, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be created the first time could potentially intercept the file the following time, enabling that person to run unauthorized commands.

Action-Not Available
Vendor-n/aKDE
Product-kcronn/a
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2024-56635
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.21%
||
7 Day CHG~0.00%
Published-27 Dec, 2024 | 15:02
Updated-04 May, 2025 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
net: avoid potential UAF in default_operstate()

In the Linux kernel, the following vulnerability has been resolved: net: avoid potential UAF in default_operstate() syzbot reported an UAF in default_operstate() [1] Issue is a race between device and netns dismantles. After calling __rtnl_unlock() from netdev_run_todo(), we can not assume the netns of each device is still alive. Make sure the device is not in NETREG_UNREGISTERED state, and add an ASSERT_RTNL() before the call to __dev_get_by_index(). We might move this ASSERT_RTNL() in __dev_get_by_index() in the future. [1] BUG: KASAN: slab-use-after-free in __dev_get_by_index+0x5d/0x110 net/core/dev.c:852 Read of size 8 at addr ffff888043eba1b0 by task syz.0.0/5339 CPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [inline] print_report+0x169/0x550 mm/kasan/report.c:489 kasan_report+0x143/0x180 mm/kasan/report.c:602 __dev_get_by_index+0x5d/0x110 net/core/dev.c:852 default_operstate net/core/link_watch.c:51 [inline] rfc2863_policy+0x224/0x300 net/core/link_watch.c:67 linkwatch_do_dev+0x3e/0x170 net/core/link_watch.c:170 netdev_run_todo+0x461/0x1000 net/core/dev.c:10894 rtnl_unlock net/core/rtnetlink.c:152 [inline] rtnl_net_unlock include/linux/rtnetlink.h:133 [inline] rtnl_dellink+0x760/0x8d0 net/core/rtnetlink.c:3520 rtnetlink_rcv_msg+0x791/0xcf0 net/core/rtnetlink.c:6911 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2541 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:726 ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583 ___sys_sendmsg net/socket.c:2637 [inline] __sys_sendmsg+0x269/0x350 net/socket.c:2669 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f2a3cb80809 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f2a3d9cd058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f2a3cd45fa0 RCX: 00007f2a3cb80809 RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 RBP: 00007f2a3cbf393e R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007f2a3cd45fa0 R15: 00007ffd03bc65c8 </TASK> Allocated by task 5339: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314 kmalloc_noprof include/linux/slab.h:901 [inline] kmalloc_array_noprof include/linux/slab.h:945 [inline] netdev_create_hash net/core/dev.c:11870 [inline] netdev_init+0x10c/0x250 net/core/dev.c:11890 ops_init+0x31e/0x590 net/core/net_namespace.c:138 setup_net+0x287/0x9e0 net/core/net_namespace.c:362 copy_net_ns+0x33f/0x570 net/core/net_namespace.c:500 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228 ksys_unshare+0x57d/0xa70 kernel/fork.c:3314 __do_sys_unshare kernel/fork.c:3385 [inline] __se_sys_unshare kernel/fork.c:3383 [inline] __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x8 ---truncated---

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2024-56556
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.60%
||
7 Day CHG~0.00%
Published-27 Dec, 2024 | 14:23
Updated-04 May, 2025 | 09:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
binder: fix node UAF in binder_add_freeze_work()

In the Linux kernel, the following vulnerability has been resolved: binder: fix node UAF in binder_add_freeze_work() In binder_add_freeze_work() we iterate over the proc->nodes with the proc->inner_lock held. However, this lock is temporarily dropped in order to acquire the node->lock first (lock nesting order). This can race with binder_node_release() and trigger a use-after-free: ================================================================== BUG: KASAN: slab-use-after-free in _raw_spin_lock+0xe4/0x19c Write of size 4 at addr ffff53c04c29dd04 by task freeze/640 CPU: 5 UID: 0 PID: 640 Comm: freeze Not tainted 6.11.0-07343-ga727812a8d45 #17 Hardware name: linux,dummy-virt (DT) Call trace: _raw_spin_lock+0xe4/0x19c binder_add_freeze_work+0x148/0x478 binder_ioctl+0x1e70/0x25ac __arm64_sys_ioctl+0x124/0x190 Allocated by task 637: __kmalloc_cache_noprof+0x12c/0x27c binder_new_node+0x50/0x700 binder_transaction+0x35ac/0x6f74 binder_thread_write+0xfb8/0x42a0 binder_ioctl+0x18f0/0x25ac __arm64_sys_ioctl+0x124/0x190 Freed by task 637: kfree+0xf0/0x330 binder_thread_read+0x1e88/0x3a68 binder_ioctl+0x16d8/0x25ac __arm64_sys_ioctl+0x124/0x190 ================================================================== Fix the race by taking a temporary reference on the node before releasing the proc->inner lock. This ensures the node remains alive while in use.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2024-38191
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 50.51%
||
7 Day CHG~0.00%
Published-13 Aug, 2024 | 17:29
Updated-10 Jul, 2025 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2022Windows Server 2012 R2 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows 11 Version 23H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2019Windows 11 version 22H3Windows Server 2016Windows Server 2012 (Server Core installation)Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 11 version 21H2Windows 10 Version 22H2Windows 10 Version 1507Windows Server 2012Windows 10 Version 1607Windows 10 Version 21H2
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2016-8655
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-39.72% / 97.21%
||
7 Day CHG+0.58%
Published-08 Dec, 2016 | 08:08
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-linux_kernelubuntu_linuxn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • Next
Details not found