Total
1513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-31364 | 1 Juniper | 14 Junos, Srx1500, Srx300 and 11 more | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| An Improper Check for Unusual or Exceptional Conditions vulnerability combined with a Race Condition in the flow daemon (flowd) of Juniper Networks Junos OS on SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2 allows an unauthenticated network based attacker sending specific traffic to cause a crash of the flowd/srxpfe process, responsible for traffic forwarding in SRX, which will cause a Denial of Service (DoS). Continued receipt and processing of this specific traffic will create a sustained Denial of Service (DoS) condition. This issue can only occur when specific packets are trying to create the same session and logging for session-close is configured as a policy action. Affected platforms are: SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2. Not affected platforms are: SRX4000 Series, SRX5000 Series with SPC3, and vSRX Series. This issue affects Juniper Networks Junos OS SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2: All versions prior to 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. | |||||
| CVE-2021-36994 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-28 | 4.3 MEDIUM | 3.7 LOW |
| There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause exceptions when managing the system trustlist. | |||||
| CVE-2021-37085 | 1 Huawei | 1 Harmonyos | 2024-02-28 | 7.1 HIGH | 5.9 MEDIUM |
| There is a Encoding timing vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of service. | |||||
| CVE-2021-37082 | 1 Huawei | 1 Harmonyos | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to motionhub crash. | |||||
| CVE-2021-39679 | 1 Google | 1 Android | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
| In init of vendor_graphicbuffer_meta.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188745089References: N/A | |||||
| CVE-2021-30313 | 1 Qualcomm | 360 Apq8096au, Apq8096au Firmware, Ar8031 and 357 more | 2024-02-28 | 4.4 MEDIUM | 6.4 MEDIUM |
| Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-43411 | 1 Gnu | 1 Hurd | 2024-02-28 | 8.5 HIGH | 7.5 HIGH |
| An issue was discovered in GNU Hurd before 0.9 20210404-9. When trying to exec a setuid executable, there's a window of time when the process already has the new privileges, but still refers to the old task and is accessible through the old process port. This can be exploited to get full root access. | |||||
| CVE-2021-37073 | 1 Huawei | 1 Harmonyos | 2024-02-28 | 4.3 MEDIUM | 3.7 LOW |
| There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the detection result is tampered with. | |||||
| CVE-2021-30714 | 1 Apple | 2 Ipados, Iphone Os | 2024-02-28 | 4.0 MEDIUM | 6.3 MEDIUM |
| A race condition was addressed with improved state handling. This issue is fixed in iOS 14.6 and iPadOS 14.6. An application may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2022-24114 | 2 Acronis, Apple | 3 Cyber Protect Home Office, True Image, Macos | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
| Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287 | |||||
| CVE-2021-45704 | 1 Metrics-util Project | 1 Metrics-util | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the metrics-util crate before 0.7.0 for Rust. There is a data race and memory corruption because AtomicBucket<T> unconditionally implements the Send and Sync traits. | |||||
| CVE-2021-0955 | 1 Google | 1 Android | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
| In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-192085766 | |||||
| CVE-2020-35216 | 1 Atomix | 1 Atomix | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages. | |||||
| CVE-2021-36808 | 1 Sophos | 1 Sophos Secure Workspace | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
| A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115. | |||||
| CVE-2021-36181 | 1 Fortinet | 1 Fortiportal | 2024-02-28 | 3.5 LOW | 3.1 LOW |
| A concurrent execution using shared resource with improper Synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific coordination of web requests. | |||||
| CVE-2021-45710 | 1 Tokio | 1 Tokio | 2024-02-28 | 5.1 MEDIUM | 8.1 HIGH |
| An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for Rust. In certain circumstances involving a closed oneshot channel, there is a data race and memory corruption. | |||||
| CVE-2020-29622 | 1 Apple | 1 Mac Os X | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
| A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-005 Catalina. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges. | |||||
| CVE-2017-13905 | 1 Apple | 5 Iphone Os, Mac Os X, Macos and 2 more | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
| A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges. | |||||
| CVE-2022-21881 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Server and 3 more | 2024-02-28 | 7.2 HIGH | 7.0 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2021-4083 | 4 Debian, Linux, Netapp and 1 more | 23 Debian Linux, Linux Kernel, H300e and 20 more | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
| A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4. | |||||