Total
1558 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-3511 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 6.2 MEDIUM | N/A |
| Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call. | |||||
| CVE-2012-3500 | 2 Devscripts Devel Team, Fedora | 2 Devscripts, Rpmdevtools | 2024-11-21 | 1.2 LOW | N/A |
| scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file. | |||||
| CVE-2012-3487 | 1 Google | 1 Tunnelblick | 2024-11-21 | 1.2 LOW | N/A |
| Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process. | |||||
| CVE-2012-3483 | 1 Google | 1 Tunnelblick | 2024-11-21 | 6.2 MEDIUM | N/A |
| Race condition in the runScript function in Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by replacing a script file. | |||||
| CVE-2012-3386 | 1 Gnu | 1 Automake | 2024-11-21 | 4.4 MEDIUM | N/A |
| The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-3063 | 1 Cisco | 1 Application Control Engine Software | 2024-11-21 | 7.1 HIGH | N/A |
| Cisco Application Control Engine (ACE) before A4(2.3) and A5 before A5(1.1), when multicontext mode is enabled, does not properly share a management IP address among multiple contexts, which allows remote authenticated administrators to bypass intended access restrictions in opportunistic circumstances, and read or modify configuration settings, via a login attempt to a context, aka Bug ID CSCts30631, a different vulnerability than CVE-2012-3058. | |||||
| CVE-2012-2880 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 7.5 HIGH | N/A |
| Race condition in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the plug-in paint buffer. | |||||
| CVE-2012-2868 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 6.8 MEDIUM | N/A |
| Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object. | |||||
| CVE-2012-2737 | 1 Ray Stode | 1 Accountsservice | 2024-11-21 | 1.9 LOW | N/A |
| The user_change_icon_file_authorized_cb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition. | |||||
| CVE-2012-2373 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.0 MEDIUM | N/A |
| The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition. | |||||
| CVE-2012-1868 | 1 Microsoft | 1 Windows Xp | 2024-11-21 | 6.9 MEDIUM | N/A |
| Race condition in the thread-creation implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application, aka "Win32k.sys Race Condition Vulnerability." | |||||
| CVE-2012-1338 | 1 Cisco | 9 Catalyst 3560, Catalyst 3560-e, Catalyst 3560-x and 6 more | 2024-11-21 | 6.3 MEDIUM | N/A |
| Cisco IOS 15.0 and 15.1 on Catalyst 3560 and 3750 series switches allows remote authenticated users to cause a denial of service (device reload) by completing local web authentication quickly, aka Bug ID CSCts88664. | |||||
| CVE-2012-1324 | 1 Cisco | 1 Ios | 2024-11-21 | 7.1 HIGH | N/A |
| Race condition in the Zone-Based Firewall in Cisco IOS 15.1 and 15.2, when IPS policies are configured, allows remote attackers to cause a denial of service (device crash) by sending IPv6 packets, aka Bug ID CSCtk53534. | |||||
| CVE-2012-1174 | 1 Linux | 1 Systemd | 2024-11-21 | 3.3 LOW | N/A |
| The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified files, related to "particular records related with user session." | |||||
| CVE-2012-0953 | 1 Nvidia | 1 Display Driver | 2024-11-21 | 4.4 MEDIUM | 5.0 MEDIUM |
| A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53. | |||||
| CVE-2012-0656 | 1 Apple | 1 Mac Os X | 2024-11-21 | 6.9 MEDIUM | N/A |
| Race condition in LoginUIFramework in Apple Mac OS X 10.7.x before 10.7.4, when the Guest account is enabled, allows physically proximate attackers to login to arbitrary accounts by entering the account name and no password. | |||||
| CVE-2012-0649 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | 6.9 MEDIUM | N/A |
| Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 allows local users to gain privileges via vectors involving a temporary file. | |||||
| CVE-2012-0644 | 1 Apple | 1 Iphone Os | 2024-11-21 | 6.9 MEDIUM | N/A |
| Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture. | |||||
| CVE-2012-0426 | 1 Novell | 1 Suse Linux Enterprise For Sap Applications | 2024-11-21 | 7.2 HIGH | N/A |
| Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1 in SUSE Linux Enterprise for SAP Applications 11 SP2 allows local users to have an unspecified impact via vectors related to a tmp/ directory. | |||||
| CVE-2011-5119 | 1 Comodo | 1 Comodo Internet Security | 2024-11-21 | 1.9 LOW | N/A |
| Multiple race conditions in Comodo Internet Security before 5.8.211697.2124 allow local users to bypass the Defense+ feature via unspecified vectors. | |||||