Total
2153 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15358 | 1 Charlesproxy | 1 Charles | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
Race condition in the Charles Proxy Settings suid binary in Charles Proxy before 4.2.1 allows local users to gain privileges via vectors involving the --self-repair option.
|
|||||
| CVE-2017-15129 | 4 Canonical, Fedoraproject, Linux and 1 more | 20 Ubuntu Linux, Fedora, Linux Kernel and 17 more | 2024-11-21 | 4.9 MEDIUM | 4.7 MEDIUM |
|
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation ca ...
Show More |
|||||
| CVE-2017-14880 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while IPA WAN-driver is processing multiple requests from modem/user-space module, the global variable "num_q6_rule" does not have a mutex lock and thus can be accessed and modified by multiple threads.
|
|||||
| CVE-2017-14798 | 2 Postgresql, Suse | 2 Postgresql, Suse Linux Enterprise Server | 2024-11-21 | 6.9 MEDIUM | 7.3 HIGH |
|
A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.
|
|||||
| CVE-2017-13905 | 1 Apple | 5 Iphone Os, Mac Os X, Macos and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges.
|
|||||
| CVE-2017-13183 | 1 Google | 1 Android | 2024-11-21 | 6.2 MEDIUM | 7.0 HIGH |
|
In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, there is a possible use after free due to a race condition if the user frees the buffer while it's being used in another thread. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 8.1. Android ID: A-38118127.
|
|||||
| CVE-2017-12410 | 1 Kaseya | 1 Virtual System Administrator | 2024-11-21 | 6.9 MEDIUM | 7.4 HIGH |
|
It is possible to exploit a Time of Check & Time of Use (TOCTOU) vulnerability by winning a race condition when Kaseya Virtual System Administrator agent 9.3.0.11 and earlier tries to execute its binaries from working and/or temporary folders. Successful exploitation results in the execution of arbitrary programs with "NT AUTHORITY\SYSTEM" privileges.
|
|||||
| CVE-2017-11082 | 1 Google | 1 Android | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in a firmware loading routine, a buffer overflow could potentially occur if multiple user space threads try to update the WLAN firmware file through sysfs.
|
|||||
| CVE-2017-1000503 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
A race condition during Jenkins 2.81 through 2.94 (inclusive); 2.89.1 startup could result in the wrong order of execution of commands during initialization. This could in rare cases result in failure to initialize the setup wizard on the first startup. This resulted in multiple security-related settings not being set to their usual strict default.
|
|||||
| CVE-2016-9077 | 1 Mozilla | 1 Firefox | 2024-11-21 | 6.8 MEDIUM | 7.0 HIGH |
|
Canvas allows the use of the "feDisplacementMap" filter on images loaded cross-origin. The rendering by the filter is variable depending on the input pixel, allowing for timing attacks when the images are loaded from third party locations. This vulnerability affects Firefox < 50.
|
|||||
| CVE-2016-9038 | 1 Sophos | 1 Invincea-x | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
|
An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to execute a special application locally to trigger this vulnerability.
|
|||||
| CVE-2016-15036 | 1 Deis | 1 Workflow Manager | 2024-11-21 | 4.0 MEDIUM | 4.6 MEDIUM |
|
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Deis Workflow Manager up to 2.3.2. It has been classified as problematic. This affects an unknown part. The manipulation leads to race condition. The complexity of an attack is rather high. The exploitability is told to be difficult. Upgrading to version 2.3.3 is able to address this issue. The patch is named 31fe3bccbdde134a185752e53380330d16053f7f. It is recommended to upgrade the affected component. The associated identifier of this ...
Show More |
|||||
| CVE-2016-11030 | 1 Google | 1 Android | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) (with Hrm sensor support) software. The sysfs of the MAX86902 sensor driver does not prevent concurrent access, leading to a race condition and resultant heap-based buffer overflow. The Samsung ID is SVE-2016-7341 (December 2016).
|
|||||
| CVE-2016-10906 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean.
|
|||||
| CVE-2016-10798 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.9 MEDIUM | 6.8 MEDIUM |
|
cPanel before 58.0.4 allows a file-ownership change (to nobody) via rearrangeacct (SEC-134).
|
|||||
| CVE-2016-10741 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
|
In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure.
|
|||||
| CVE-2016-10538 | 2 Cli Project, Debian | 2 Cli, Debian Linux | 2024-11-21 | 4.9 MEDIUM | 3.5 LOW |
|
The package `node-cli` before 1.0.0 insecurely uses the lock_file and log_file. Both of these are temporary, but it allows the starting user to overwrite any file they have access to.
|
|||||
| CVE-2016-10439 | 1 Qualcomm | 16 Sd 425, Sd 425 Firmware, Sd 430 and 13 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
|
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, there is a TOCTOU vulnerability in the input validation for bulletin_board_read syscall. A pointer dereference is being validated without promising the pointer hasn't been changed by the HLOS program.
|
|||||
| CVE-2016-10435 | 1 Qualcomm | 52 Mdm9206, Mdm9206 Firmware, Mdm9625 and 49 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
|
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, in some QTEE syscall handlers, a TOCTOU vulnerability exists.
|
|||||
| CVE-2016-10433 | 1 Qualcomm | 48 Mdm9635m, Mdm9635m Firmware, Mdm9640 and 45 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
|
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, TOCTOU vulnerability during SSD image decryption may cause memory corruption.
|
|||||
| CVE-2016-10432 | 1 Qualcomm | 22 Sd 410, Sd 410 Firmware, Sd 412 and 19 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
|
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, and SD 820A, TOCTOU vulnerabilities may occur while sanitizing userspace values passed to tQSEE system call.
|
|||||
| CVE-2016-10417 | 1 Qualcomm | 64 Ipq4019, Ipq4019 Firmware, Mdm9206 and 61 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
|
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, in QTEE, a TOCTOU vulnerability exists due to improper access control.
|
|||||
| CVE-2016-10409 | 1 Qualcomm | 18 Sd 425, Sd 425 Firmware, Sd 430 and 15 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
|
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, TOCTOU vulnerability may occur while composing the RPMB request using HLOS controlled buffers.
|
|||||
| CVE-2016-1000236 | 2 Cookie-signature Project, Debian | 2 Cookie-signature, Debian Linux | 2024-11-21 | 3.5 LOW | 4.4 MEDIUM |
|
Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used.
|
|||||
| CVE-2015-9157 | 1 Qualcomm | 44 Ipq4019, Ipq4019 Firmware, Mdm9206 and 41 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in widevine_dash_cmd_handler(), rsp buffers are passed off to widevine commands. These rsp buffers have values in them, such as buffer lengths, that need to be validated to ensure that no buffer overflow/over-reads happ ...
Show More |
|||||
| CVE-2015-9016 | 1 Google | 1 Android | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-63083046.
|
|||||
| CVE-2015-7335 | 1 Lenovo | 1 System Update | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A race condition was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow a user to execute arbitrary code with elevated privileges.
|
|||||
| CVE-2015-6569 | 1 Atlassian | 1 Floodlight | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
|
Race condition in the LoadBalancer module in the Atlassian Floodlight Controller before 1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and thread crash) via a state manipulation attack.
|
|||||
| CVE-2015-1862 | 1 Abrt Project | 1 Abrt | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namedspaced environment.
|
|||||
| CVE-2015-1340 | 1 Linuxcontainers | 1 Lxd | 2024-11-21 | 6.8 MEDIUM | 7.0 HIGH |
|
LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer() has an unsafe Chmod() call that races against the stat in the Filepath.Walk() function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice.
|
|||||
| CVE-2015-10067 | 1 Ssharpsmartthreadpool Project | 1 Ssharpsmartthreadpool | 2024-11-21 | 4.0 MEDIUM | 4.6 MEDIUM |
|
A vulnerability was found in oznetmaster SSharpSmartThreadPool. It has been classified as problematic. This affects an unknown part of the file SSharpSmartThreadPool/SmartThreadPool.cs. The manipulation leads to race condition within a thread. The complexity of an attack is rather high. The exploitability is told to be difficult. The patch is named 0e58073c831093aad75e077962e9fb55cad0dc5f. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VD ...
Show More |
|||||
| CVE-2014-9748 | 3 Libuv, Microsoft, Nodejs | 4 Libuv, Windows Server 2003, Windows Xp and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition.
|
|||||
| CVE-2014-5255 | 2 Debian, Xcfa Project | 2 Debian Linux, Xcfa | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. Note: A different vulnerability than CVE-2014-5254.
|
|||||
| CVE-2014-5254 | 1 Xcfa Project | 1 Xcfa | 2024-11-21 | 3.3 LOW | 4.7 MEDIUM |
|
xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files.
|
|||||
| CVE-2014-4995 | 1 Vladtheenterprising Project | 1 Vladtheenterprising | 2024-11-21 | 1.9 LOW | 7.0 HIGH |
|
Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed.
|
|||||
| CVE-2014-3856 | 1 Fishshell | 1 Fish | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.
|
|||||
| CVE-2014-3701 | 1 Redhat | 2 Edeploy, Jboss Enterprise Web Server | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
|
eDeploy has tmp file race condition flaws
|
|||||
| CVE-2014-2906 | 1 Fishshell | 1 Fish | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name.
|
|||||
| CVE-2014-0245 | 1 Redhat | 1 Jboss Portal | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
|
It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain privileged information if WS-Security is enabled for the WSRP Consumer, and the endpoint in question is being used by a privileged user. This affects JBoss Portal 6.2.0.
|
|||||
| CVE-2013-3685 | 2 Lg, Spritesoftware | 45 E971, E973, E975 and 42 more | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges.
|
|||||