Total
2153 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4740 | 1 Qualcomm | 1 Quic Mobile Station Modem Kernel | 2025-04-11 | 6.9 MEDIUM | N/A |
|
goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, relies on user-space length values for kernel-memory copies of procfs file content, which allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that provides crafted values.
|
|||||
| CVE-2011-3878 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Race condition in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker process initialization.
|
|||||
| CVE-2010-2023 | 1 Exim | 1 Exim | 2025-04-11 | 4.4 MEDIUM | N/A |
|
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
|
|||||
| CVE-2013-2847 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors.
|
|||||
| CVE-2010-5174 | 2 Microsoft, Prevx | 2 Windows Xp, Prevx | 2025-04-11 | 6.2 MEDIUM | N/A |
|
Race condition in Prevx 3.0.5.143 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already be ...
Show More |
|||||
| CVE-2010-1888 | 1 Microsoft | 1 Windows Xp | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Race condition in the kernel in Microsoft Windows XP SP3 allows local users to gain privileges via vectors involving thread creation, aka "Windows Kernel Data Initialization Vulnerability."
|
|||||
| CVE-2012-0644 | 1 Apple | 1 Iphone Os | 2025-04-11 | 6.9 MEDIUM | N/A |
|
Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture.
|
|||||
| CVE-2013-1263 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.
|
|||||
| CVE-2009-4895 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2025-04-11 | 4.7 MEDIUM | 4.7 MEDIUM |
|
Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown vectors, related to the put_tty_queue and __f_setown functions. NOTE: the vulnerability was addressed in a different way in 2.6.32.9.
|
|||||
| CVE-2013-5164 | 1 Apple | 1 Iphone Os | 2025-04-11 | 3.3 LOW | N/A |
|
Multiple race conditions in the Phone app in Apple iOS before 7.0.3 allow physically proximate attackers to bypass the locked state, and dial the telephone numbers in arbitrary Contacts entries, by visiting the Contacts pane.
|
|||||
| CVE-2010-5074 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets (CSS) token sequences, which makes it easier for remote attackers to obtain sensitive information about visited web pages via a timing attack.
|
|||||
| CVE-2010-4765 | 1 Otrs | 1 Otrs | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Race condition in the Kernel::System::Main::FileWrite method in Open Ticket Request System (OTRS) before 2.4.8 allows remote authenticated users to corrupt the TicketCounter.log data in opportunistic circumstances by creating tickets.
|
|||||
| CVE-2012-6095 | 1 Proftpd | 1 Proftpd | 2025-04-11 | 1.2 LOW | N/A |
|
ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands.
|
|||||
| CVE-2013-1284 | 1 Microsoft | 3 Windows 8, Windows Rt, Windows Server 2012 | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Race condition in the kernel in Microsoft Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Kernel Race Condition Vulnerability."
|
|||||
| CVE-2013-1272 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.
|
|||||
| CVE-2011-5119 | 1 Comodo | 1 Comodo Internet Security | 2025-04-11 | 1.9 LOW | N/A |
|
Multiple race conditions in Comodo Internet Security before 5.8.211697.2124 allow local users to bypass the Defense+ feature via unspecified vectors.
|
|||||
| CVE-2014-1921 | 1 Parcimonie Project | 1 Parcimonie | 2025-04-11 | 7.5 HIGH | N/A |
|
parcimonie before 0.8.1, when using a large keyring, sleeps for the same amount of time between fetches, which allows attackers to correlate key fetches via unspecified vectors.
|
|||||
| CVE-2012-5119 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Race condition in Pepper, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to buffers.
|
|||||
| CVE-2012-4508 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 1.9 LOW | N/A |
|
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized.
|
|||||
| CVE-2012-0426 | 1 Novell | 1 Suse Linux Enterprise For Sap Applications | 2025-04-11 | 7.2 HIGH | N/A |
|
Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1 in SUSE Linux Enterprise for SAP Applications 11 SP2 allows local users to have an unspecified impact via vectors related to a tmp/ directory.
|
|||||
| CVE-2013-1251 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.
|
|||||
| CVE-2010-5172 | 2 Microsoft, Pandasecurity | 2 Windows Xp, Panda Internet Security 2010 | 2025-04-11 | 6.2 MEDIUM | N/A |
|
Race condition in Panda Internet Security 2010 15.01.00 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted ...
Show More |
|||||
| CVE-2012-3748 | 1 Apple | 2 Iphone Os, Safari | 2025-04-11 | 5.1 MEDIUM | N/A |
|
Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays.
|
|||||
| CVE-2013-0900 | 5 Apple, Debian, Google and 2 more | 5 Mac Os X, Debian Linux, Chrome and 2 more | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
|||||
| CVE-2013-6458 | 1 Redhat | 1 Libvirt | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.
|
|||||
| CVE-2010-0489 | 1 Microsoft | 7 Internet Explorer, Windows 2000, Windows 2003 Server and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Race Condition Memory Corruption Vulnerability."
|
|||||
| CVE-2011-1257 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | 7.6 HIGH | N/A |
|
Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."
|
|||||
| CVE-2010-5151 | 2 Avast\!, Microsoft | 2 Avast\! Internet Security, Windows Xp | 2025-04-11 | 6.2 MEDIUM | N/A |
|
Race condition in avast! Internet Security 5.0.462 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted progr ...
Show More |
|||||
| CVE-2010-0436 | 1 Kde | 1 Kde Sc | 2025-04-11 | 6.9 MEDIUM | N/A |
|
Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm.
|
|||||
| CVE-2013-3302 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.4 MEDIUM | N/A |
|
Race condition in the smb_send_rqst function in fs/cifs/transport.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors involving a reconnection event.
|
|||||
| CVE-2013-7026 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.7 MEDIUM | N/A |
|
Multiple race conditions in ipc/shm.c in the Linux kernel before 3.12.2 allow local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted application that uses shmctl IPC_RMID operations in conjunction with other shm system calls.
|
|||||
| CVE-2011-1625 | 1 Cisco | 1 Ios | 2025-04-11 | 5.4 MEDIUM | N/A |
|
Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malformed packets and leveraging a "narrow timing window," aka Bug ID CSCtf74999, a different vulnerability than CVE-2007-0199, CVE-2008-1152, and CVE-2009-0629.
|
|||||
| CVE-2013-2162 | 1 Canonical | 1 Ubuntu Linux | 2025-04-11 | 1.9 LOW | N/A |
|
Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as credentials.
|
|||||
| CVE-2010-3495 | 1 Zope | 1 Zodb | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Race condition in ZEO/StorageServer.py in Zope Object Database (ZODB) before 3.10.0 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, a related issue to CVE-2010-3492.
|
|||||
| CVE-2010-2793 | 1 Redhat | 2 Enterprise Virtualization Manager, Spice-activex | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Race condition in the SPICE (aka spice-activex) plug-in for Internet Explorer in Red Hat Enterprise Virtualization (RHEV) Manager before 2.2.4 allows local users to create a certain named pipe, and consequently gain privileges, via vectors involving knowledge of the name of this named pipe, in conjunction with use of the ImpersonateNamedPipeClient function.
|
|||||
| CVE-2012-2373 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.0 MEDIUM | N/A |
|
The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition.
|
|||||
| CVE-2022-32645 | 2 Google, Mediatek | 19 Android, Mt6789, Mt6833 and 16 more | 2025-04-10 | N/A | 4.1 MEDIUM |
|
In vow, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494477; Issue ID: ALPS07494477.
|
|||||
| CVE-2007-2400 | 2 Apple, Microsoft | 5 Iphone Os, Mac Os X, Safari and 2 more | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scripting (XSS) attacks via vectors related to page updating and HTTP redirects.
|
|||||
| CVE-2008-5044 | 1 Microsoft | 2 Windows Server 2003, Windows Vista | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Race condition in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (crash or hang) via a multi-threaded application that makes many calls to UnhookWindowsHookEx while certain other desktop activity is occurring.
|
|||||
| CVE-2009-4027 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 7.1 HIGH | N/A |
|
Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session.
|
|||||