Total
1553 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-0907 | 1 Google | 1 Chrome | 2024-11-21 | 7.5 HIGH | N/A |
Race condition in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media threads. | |||||
CVE-2013-0900 | 5 Apple, Debian, Google and 2 more | 5 Mac Os X, Debian Linux, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | N/A |
Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2013-0893 | 5 Apple, Google, Linux and 2 more | 5 Mac Os X, Chrome, Linux Kernel and 2 more | 2024-11-21 | 6.8 MEDIUM | N/A |
Race condition in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media. | |||||
CVE-2013-0871 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 6.9 MEDIUM | N/A |
Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death. | |||||
CVE-2013-0266 | 1 Openstack | 2 Essex, Folsom | 2024-11-21 | 2.1 LOW | N/A |
manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the (1) cinder.conf and (2) api-paste.ini configuration files, which allows local users to read OpenStack administrative passwords by reading the files. | |||||
CVE-2012-6095 | 1 Proftpd | 1 Proftpd | 2024-11-21 | 1.2 LOW | N/A |
ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands. | |||||
CVE-2012-5660 | 1 Redhat | 1 Automatic Bug Reporting Tool | 2024-11-21 | 6.9 MEDIUM | N/A |
abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to store information about crashes." | |||||
CVE-2012-5507 | 2 Plone, Zope | 2 Plone, Zope | 2024-11-21 | 4.3 MEDIUM | N/A |
AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation. | |||||
CVE-2012-5415 | 1 Cisco | 3 5500 Adaptive Security Appliance, 5500 Series Adaptive Security Appliance, Adaptive Security Appliance | 2024-11-21 | 5.4 MEDIUM | N/A |
Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections, leading to improper handling of hash lookups for secondary flows, aka Bug IDs CSCue31622 and CSCuc71272. | |||||
CVE-2012-5119 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | N/A |
Race condition in Pepper, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to buffers. | |||||
CVE-2012-5108 | 1 Google | 1 Chrome | 2024-11-21 | 9.3 HIGH | N/A |
Race condition in Google Chrome before 22.0.1229.92 allows remote attackers to execute arbitrary code via vectors related to audio devices. | |||||
CVE-2012-4508 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 1.9 LOW | N/A |
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized. | |||||
CVE-2012-3868 | 1 Isc | 1 Bind | 2024-11-21 | 4.3 MEDIUM | N/A |
Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries. | |||||
CVE-2012-3748 | 1 Apple | 2 Iphone Os, Safari | 2024-11-21 | 5.1 MEDIUM | N/A |
Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays. | |||||
CVE-2012-3552 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux Eus | 2024-11-21 | 7.1 HIGH | 5.9 MEDIUM |
Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic. | |||||
CVE-2012-3511 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 6.2 MEDIUM | N/A |
Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call. | |||||
CVE-2012-3500 | 2 Devscripts Devel Team, Fedora | 2 Devscripts, Rpmdevtools | 2024-11-21 | 1.2 LOW | N/A |
scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file. | |||||
CVE-2012-3487 | 1 Google | 1 Tunnelblick | 2024-11-21 | 1.2 LOW | N/A |
Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process. | |||||
CVE-2012-3483 | 1 Google | 1 Tunnelblick | 2024-11-21 | 6.2 MEDIUM | N/A |
Race condition in the runScript function in Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by replacing a script file. | |||||
CVE-2012-3386 | 1 Gnu | 1 Automake | 2024-11-21 | 4.4 MEDIUM | N/A |
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors. |