Total
1513 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-3016 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 1.9 LOW | 4.7 MEDIUM |
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out. | |||||
CVE-2019-9375 | 1 Google | 1 Android | 2024-02-28 | 6.9 MEDIUM | 6.4 MEDIUM |
In hostapd, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-129344244 | |||||
CVE-2014-5254 | 1 Xcfa Project | 1 Xcfa | 2024-02-28 | 3.3 LOW | 4.7 MEDIUM |
xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. | |||||
CVE-2013-3685 | 2 Lg, Spritesoftware | 45 E971, E973, E975 and 42 more | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges. | |||||
CVE-2020-3941 | 2 Microsoft, Vmware | 2 Windows, Tools | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11. | |||||
CVE-2019-11761 | 2 Canonical, Mozilla | 4 Ubuntu Linux, Firefox, Firefox Esr and 1 more | 2024-02-28 | 5.8 MEDIUM | 5.4 MEDIUM |
By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. | |||||
CVE-2019-19580 | 2 Fedoraproject, Xen | 2 Fedora, Xen | 2024-02-28 | 6.0 MEDIUM | 6.6 MEDIUM |
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an incomplete fix for CVE-2019-18421. XSA-299 addressed several critical issues in restartable PV type change operations. Despite extensive testing and auditing, some corner cases were missed. A malicious PV guest administrator may be able to escalate their privilege to that of the host. All security-supported versions of Xen are vulnerable. Only x86 systems are affected. Arm systems are not affected. Only x86 PV guests can leverage the vulnerability. x86 HVM and PVH guests cannot leverage the vulnerability. Note that these attacks require very precise timing, which may be difficult to exploit in practice. | |||||
CVE-2019-17342 | 2 Debian, Xen | 2 Debian Linux, Xen | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a race condition that arose when XENMEM_exchange was introduced. | |||||
CVE-2019-19537 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.7 MEDIUM | 4.2 MEDIUM |
In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9. This affects drivers/usb/core/file.c. | |||||
CVE-2011-3585 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2024-02-28 | 1.9 LOW | 4.7 MEDIUM |
Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists. | |||||
CVE-2014-0245 | 1 Redhat | 1 Jboss Portal | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain privileged information if WS-Security is enabled for the WSRP Consumer, and the endpoint in question is being used by a privileged user. This affects JBoss Portal 6.2.0. | |||||
CVE-2019-11215 | 1 Combodo | 1 Itop | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
In Combodo iTop 2.2.0 through 2.6.0, if the configuration file is writable, then execution of arbitrary code can be accomplished by calling ajax.dataloader with a maliciously crafted payload. Many conditions can place the configuration file into a writable state: during installation; during upgrade; in certain cases, an error during modification of the file from the web interface leaves the file writable (can be triggered with XSS); a race condition can be triggered by the hub-connector module (community version only from 2.4.1 to 2.6.0); or editing the file in a CLI. | |||||
CVE-2019-2219 | 1 Google | 1 Android | 2024-02-28 | 4.7 MEDIUM | 4.7 MEDIUM |
In several functions of NotificationManagerService.java and related files, there is a possible way to record audio from the background without notification to the user due to a permission bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-119041698 | |||||
CVE-2014-5255 | 2 Debian, Xcfa Project | 2 Debian Linux, Xcfa | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. Note: A different vulnerability than CVE-2014-5254. | |||||
CVE-2020-0030 | 1 Google | 1 Android | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
In binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145286050References: Upstream kernel | |||||
CVE-2014-2906 | 1 Fishshell | 1 Fish | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name. | |||||
CVE-2019-2284 | 1 Qualcomm | 42 Msm8909w, Msm8909w Firmware, Qcs405 and 39 more | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
Possible use-after-free issue due to a race condition while calling camera ioctl concurrently in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDX24 | |||||
CVE-2019-8606 | 1 Apple | 1 Mac Os X | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.5. A local user may be able to load unsigned kernel extensions. | |||||
CVE-2014-9748 | 3 Libuv, Microsoft, Nodejs | 4 Libuv, Windows Server 2003, Windows Xp and 1 more | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition. | |||||
CVE-2020-3163 | 1 Cisco | 1 Unified Contact Center Enterprise | 2024-02-28 | 7.1 HIGH | 5.9 MEDIUM |
A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software improperly manages resources when processing inbound Live Data traffic. An attacker could exploit this vulnerability by sending multiple crafted Live Data packets to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could result in a stack overflow and cause the affected device to reload, resulting in a DoS condition. Note: The Live Data port in Cisco Unified Contact Center Enterprise devices allows only a single TCP connection. To exploit this vulnerability, an attacker would have to send crafted packets to an affected device before a legitimate Live Data client establishes a connection. |