Total
1513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-43566 | 1 Samba | 1 Samba | 2024-02-28 | 1.2 LOW | 2.5 LOW |
| All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. | |||||
| CVE-2021-34406 | 2 Google, Nvidia | 2 Android, Shield Experience | 2024-02-28 | 4.7 MEDIUM | 4.7 MEDIUM |
| NVIDIA Tegra kernel driver contains a vulnerability in NVHost, where a specific race condition can lead to a null pointer dereference, which may lead to a system reboot. | |||||
| CVE-2021-44513 | 1 Tmate | 1 Tmate-ssh-server | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
| Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling. | |||||
| CVE-2021-1884 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. A remote attacker may be able to cause a denial of service. | |||||
| CVE-2021-0298 | 1 Juniper | 3 Junos Os Evolved, Ptx10003, Ptx10008 | 2024-02-28 | 4.0 MEDIUM | 4.7 MEDIUM |
| A Race Condition in the 'show chassis pic' command in Juniper Networks Junos OS Evolved may allow an attacker to crash the port interface concentrator daemon (picd) process on the FPC, if the command is executed coincident with other system events outside the attacker's control, leading to a Denial of Service (DoS) condition. Continued execution of the CLI command, under precise conditions, could create a sustained Denial of Service (DoS) condition. This issue affects all Juniper Networks Junos OS Evolved versions prior to 20.1R2-EVO on PTX10003 and PTX10008 platforms. Junos OS is not affected by this vulnerability. | |||||
| CVE-2021-0652 | 1 Google | 1 Android | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
| In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing of not thread-safe objects. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185178568 | |||||
| CVE-2011-1075 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 4.3 MEDIUM | 3.7 LOW |
| FreeBSD's crontab calculates the MD5 sum of the previous and new cronjob to determine if any changes have been made before copying the new version in. In particular, it uses the MD5File() function, which takes a pathname as an argument, and is called with euid 0. A race condition in this process may lead to an arbitrary MD5 comparison regardless of the read permissions. | |||||
| CVE-2020-12951 | 1 Amd | 116 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 113 more | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
| Race condition in ASP firmware could allow less privileged x86 code to perform ASP SMM (System Management Mode) operations. | |||||
| CVE-2021-37074 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-02-28 | 9.3 HIGH | 8.1 HIGH |
| There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation. | |||||
| CVE-2022-21896 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
| Windows DWM Core Library Elevation of Privilege Vulnerability | |||||
| CVE-2021-36987 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-28 | 7.1 HIGH | 5.9 MEDIUM |
| There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause the system to restart. | |||||
| CVE-2021-1806 | 1 Apple | 2 Mac Os X, Macos | 2024-02-28 | 7.6 HIGH | 7.0 HIGH |
| A race condition was addressed with additional validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-30955 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-02-28 | 7.6 HIGH | 7.0 HIGH |
| A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-31797 | 1 Cyberark | 1 Credential Provider | 2024-02-28 | 1.9 LOW | 5.1 MEDIUM |
| The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure. | |||||
| CVE-2020-36441 | 1 Abox Project | 1 Abox | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the abox crate before 0.4.1 for Rust. It implements Send and Sync for AtomicBox<T> with no requirement for T: Send and T: Sync. | |||||
| CVE-2020-15522 | 1 Bouncycastle | 4 Bc-csharp, Bouncy Castle Fips .net Api, Legion-of-the-bouncy-castle-fips-java-api and 1 more | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| Bouncy Castle BC Java before 1.66, BC C# .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multiple deterministic ECDSA signatures. | |||||
| CVE-2021-30857 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-02-28 | 7.6 HIGH | 7.0 HIGH |
| A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-30868 | 1 Apple | 1 Macos | 2024-02-28 | 7.6 HIGH | 7.0 HIGH |
| A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-0258 | 1 Juniper | 1 Junos | 2024-02-28 | 7.1 HIGH | 5.9 MEDIUM |
| A vulnerability in the forwarding of transit TCPv6 packets received on the Ethernet management interface of Juniper Networks Junos OS allows an attacker to trigger a kernel panic, leading to a Denial of Service (DoS). Continued receipt and processing of these transit packets will create a sustained Denial of Service (DoS) condition. This issue only occurs when TCPv6 packets are routed through the management interface. Other transit traffic, and traffic destined to the management interface, are unaffected by this vulnerability. This issue was introduced as part of a TCP Parallelization feature added in Junos OS 17.2, and affects systems with concurrent network stack enabled. This feature is enabled by default, but can be disabled (see WORKAROUND section below). This issue affects Juniper Networks Junos OS: 17.2 versions prior to 17.2R3-S4; 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R2-S11, 17.4R3-S2; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S5; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R2-S2, 19.1R3; 19.2 versions prior to 19.2R1-S5, 19.2R2; 19.3 versions prior to 19.3R2-S4, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 17.2R1. | |||||
| CVE-2021-30933 | 1 Apple | 1 Macos | 2024-02-28 | 7.6 HIGH | 7.0 HIGH |
| A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||