Total
1513 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-11082 | 1 Google | 1 Android | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in a firmware loading routine, a buffer overflow could potentially occur if multiple user space threads try to update the WLAN firmware file through sysfs. | |||||
CVE-2016-10439 | 1 Qualcomm | 16 Sd 425, Sd 425 Firmware, Sd 430 and 13 more | 2024-02-28 | 9.3 HIGH | 8.1 HIGH |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, there is a TOCTOU vulnerability in the input validation for bulletin_board_read syscall. A pointer dereference is being validated without promising the pointer hasn't been changed by the HLOS program. | |||||
CVE-2018-12633 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 6.3 MEDIUM | 6.3 MEDIUM |
An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_device_ioctl() in drivers/virt/vboxguest/vboxguest_linux.c reads the same user data twice with copy_from_user. The header part of the user data is double-fetched, and a malicious user thread can tamper with the critical variables (hdr.size_in and hdr.size_out) in the header between the two fetches because of a race condition, leading to severe kernel errors, such as buffer over-accesses. This bug can cause a local denial of service and information leakage. | |||||
CVE-2016-9077 | 1 Mozilla | 1 Firefox | 2024-02-28 | 6.8 MEDIUM | 7.0 HIGH |
Canvas allows the use of the "feDisplacementMap" filter on images loaded cross-origin. The rendering by the filter is variable depending on the input pixel, allowing for timing attacks when the images are loaded from third party locations. This vulnerability affects Firefox < 50. | |||||
CVE-2017-18249 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads. | |||||
CVE-2018-4167 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-02-28 | 7.6 HIGH | 7.0 HIGH |
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "File System Events" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
CVE-2018-7441 | 1 Leptonica | 1 Leptonica | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might allow local users to overwrite arbitrary files or have unspecified other impact by creating files in advance or winning a race condition, as demonstrated by /tmp/junk_split_image.ps in prog/splitimage2pdf.c. | |||||
CVE-2018-5814 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets. | |||||
CVE-2018-7566 | 6 Canonical, Debian, Linux and 3 more | 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. | |||||
CVE-2016-10538 | 2 Cli Project, Debian | 2 Cli, Debian Linux | 2024-02-28 | 4.9 MEDIUM | 3.5 LOW |
The package `node-cli` before 1.0.0 insecurely uses the lock_file and log_file. Both of these are temporary, but it allows the starting user to overwrite any file they have access to. | |||||
CVE-2018-1121 | 1 Procps Project | 1 Procps | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower PID, thus avoiding enumeration. An unprivileged attacker can hide a process from procps-ng's utilities by exploiting a race condition in reading /proc/PID entries. This vulnerability affects procps and procps-ng up to version 3.3.15, newer versions might be affected also. | |||||
CVE-2018-0492 | 2 Beep Project, Debian | 2 Beep, Debian Linux | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
Johnathan Nightingale beep through 1.3.4, if setuid, has a race condition that allows local privilege escalation. | |||||
CVE-2017-18203 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 1.9 LOW | 4.7 MEDIUM |
The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices. | |||||
CVE-2018-5832 | 1 Google | 1 Android | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
Due to a race condition in a camera driver ioctl handler in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur. | |||||
CVE-2018-11324 | 1 Joomla | 1 Joomla\! | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
An issue was discovered in Joomla! Core before 3.8.8. A long running background process, such as remote checks for core or extension updates, could create a race condition where a session that was expected to be destroyed would be recreated. | |||||
CVE-2018-5845 | 1 Google | 1 Android | 2024-02-28 | 7.6 HIGH | 7.0 HIGH |
A race condition in drm_atomic_nonblocking_commit() in the display driver can potentially lead to a Use After Free scenario in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | |||||
CVE-2017-5427 | 1 Mozilla | 1 Firefox | 2024-02-28 | 1.9 LOW | 5.5 MEDIUM |
A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This could result in malicious software being added without consent or modification of referenced installed files. This vulnerability affects Firefox < 52. | |||||
CVE-2017-15826 | 1 Google | 1 Android | 2024-02-28 | 4.4 MEDIUM | 7.8 HIGH |
Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerability may potentially exist when two threads free the same perf structures. | |||||
CVE-2018-4152 | 1 Apple | 1 Mac Os X | 2024-02-28 | 7.6 HIGH | 7.0 HIGH |
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Notes" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
CVE-2017-14798 | 2 Postgresql, Suse | 2 Postgresql, Suse Linux Enterprise Server | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root. |