Total
1546 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-1228 | 1 Google | 1 Chrome | 2024-02-28 | 10.0 HIGH | N/A |
Multiple race conditions in the sandbox infrastructure in Google Chrome before 4.1.249.1036 have unspecified impact and attack vectors. | |||||
CVE-2010-2653 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 6.9 MEDIUM | N/A |
Race condition in the hvc_close function in drivers/char/hvc_console.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service or possibly have unspecified other impact by closing a Hypervisor Virtual Console device, related to the hvc_open and hvc_remove functions. | |||||
CVE-2010-5074 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2024-02-28 | 4.3 MEDIUM | N/A |
The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets (CSS) token sequences, which makes it easier for remote attackers to obtain sensitive information about visited web pages via a timing attack. | |||||
CVE-2010-3412 | 1 Google | 1 Chrome | 2024-02-28 | 9.3 HIGH | N/A |
Race condition in the console implementation in Google Chrome before 6.0.472.59 has unspecified impact and attack vectors. | |||||
CVE-2010-4526 | 3 Linux, Redhat, Vmware | 3 Linux Kernel, Enterprise Mrg, Esx | 2024-02-28 | 7.1 HIGH | N/A |
Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function. | |||||
CVE-2011-0695 | 3 Canonical, Linux, Redhat | 7 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 4 more | 2024-02-28 | 5.7 MEDIUM | N/A |
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference. | |||||
CVE-2010-4807 | 1 Ibm | 1 Web Content Manager | 2024-02-28 | 3.5 LOW | N/A |
Race condition in IBM Web Content Manager (WCM) 7.0.0.1 before CF003 allows remote authenticated users to cause a denial of service (infinite recursive query) via unspecified vectors, related to a StackOverflowError exception. | |||||
CVE-2010-4295 | 3 Apple, Linux, Vmware | 6 Mac Os X, Linux Kernel, Fusion and 3 more | 2024-02-28 | 6.9 MEDIUM | N/A |
Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files. | |||||
CVE-2010-3493 | 1 Python | 1 Python | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492. | |||||
CVE-2011-1485 | 1 Redhat | 1 Policykit | 2024-02-28 | 6.9 MEDIUM | N/A |
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID. | |||||
CVE-2009-5010 | 1 G.rodola | 1 Pyftpdlib | 2024-02-28 | 4.3 MEDIUM | N/A |
Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.1 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, a different vulnerability than CVE-2010-3494. | |||||
CVE-2010-1123 | 1 Chip Salzenberg | 1 Deliver | 2024-02-28 | 2.1 LOW | N/A |
Chip Salzenberg Deliver does not properly associate a lockfile with the user who created the file, which allows local users to cause a denial of service (blockage of incoming e-mail) by creating lockfiles for arbitrary mailboxes. | |||||
CVE-2010-1161 | 1 Gnu | 1 Nano | 2024-02-28 | 3.7 LOW | N/A |
Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files. | |||||
CVE-2010-4765 | 1 Otrs | 1 Otrs | 2024-02-28 | 4.9 MEDIUM | N/A |
Race condition in the Kernel::System::Main::FileWrite method in Open Ticket Request System (OTRS) before 2.4.8 allows remote authenticated users to corrupt the TicketCounter.log data in opportunistic circumstances by creating tickets. | |||||
CVE-2012-0644 | 1 Apple | 1 Iphone Os | 2024-02-28 | 6.9 MEDIUM | N/A |
Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture. | |||||
CVE-2010-0732 | 1 Gnome | 2 Gtk, Screensaver | 2024-02-28 | 6.2 MEDIUM | N/A |
gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times. | |||||
CVE-2010-2024 | 1 Exim | 1 Exim | 2024-02-28 | 4.4 MEDIUM | N/A |
transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/. | |||||
CVE-2011-3961 | 1 Google | 1 Chrome | 2024-02-28 | 9.3 HIGH | N/A |
Race condition in Google Chrome before 17.0.963.46 allows remote attackers to execute arbitrary code via vectors that trigger a crash of a utility process. | |||||
CVE-2011-0753 | 1 Php | 1 Php | 2024-02-28 | 4.3 MEDIUM | N/A |
Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals. | |||||
CVE-2011-1444 | 3 Debian, Google, Linux | 3 Debian Linux, Chrome, Linux Kernel | 2024-02-28 | 6.8 MEDIUM | N/A |
Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |