Total
515 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0682 | 2 Checkpoint, Zonelabs | 2 Zonealarm Pro, Zonealarm | 2025-04-03 | 5.5 Medium |
| ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting. | ||||
| CVE-2024-54680 | 1 Redhat | 1 Enterprise Linux | 2025-04-02 | 4.4 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-20928 | 1 Google | 1 Android | 2025-04-02 | 7.8 High |
| In binder_vma_close of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254837884References: Upstream kernel | ||||
| CVE-2023-20619 | 2 Google, Mediatek | 25 Android, Mt6761, Mt6762 and 22 more | 2025-03-26 | 6.7 Medium |
| In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519159; Issue ID: ALPS07519159. | ||||
| CVE-2023-20618 | 2 Google, Mediatek | 25 Android, Mt6761, Mt6762 and 22 more | 2025-03-26 | 6.7 Medium |
| In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519184; Issue ID: ALPS07519184. | ||||
| CVE-2023-3889 | 1 Arm | 1 Valhall Gpu Kernel Driver | 2025-03-24 | 7.8 High |
| A local non-privileged user can make improper GPU memory processing operations. If the operations are carefully prepared, then they could be used to gain access to already freed memory. | ||||
| CVE-2023-20939 | 1 Google | 1 Android | 2025-03-21 | 7.8 High |
| In multiple functions of looper_backed_event_loop.cpp, there is a possible way to corrupt memory due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-243362981 | ||||
| CVE-2024-29172 | 1 Dell | 1 Bsafe Ssl-j | 2025-03-19 | 5.9 Medium |
| Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains a deadlock vulnerability. A remote attacker could potentially exploit this vulnerability, leading to a Denial of Service. | ||||
| CVE-2023-2430 | 1 Linux | 1 Linux Kernel | 2025-03-06 | 5.5 Medium |
| A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in io_uring.c in Linux Kernel. This flaw allows a local attacker with user privilege to trigger a Denial of Service threat. | ||||
| CVE-2023-32258 | 3 Linux, Netapp, Redhat | 6 Linux Kernel, H300s, H410s and 3 more | 2025-03-05 | 8.1 High |
| A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_LOGOFF and SMB2_CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. | ||||
| CVE-2021-1782 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2025-02-28 | 7.0 High |
| A race condition was addressed with improved locking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.. | ||||
| CVE-2021-3735 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-02-28 | 4.4 Medium |
| A deadlock issue was found in the AHCI controller device of QEMU. It occurs on a software reset (ahci_reset_port) while handling a host-to-device Register FIS (Frame Information Structure) packet from the guest. A privileged user inside the guest could use this flaw to hang the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2023-21000 | 1 Google | 1 Android | 2025-02-26 | 7.8 High |
| In MediaCodec.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-194783918 | ||||
| CVE-2023-21400 | 2 Debian, Google | 2 Debian Linux, Android | 2025-02-13 | 6.7 Medium |
| In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-32254 | 3 Linux, Netapp, Redhat | 7 Linux Kernel, H300s, H410s and 4 more | 2025-02-13 | 9.8 Critical |
| A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. | ||||
| CVE-2023-32250 | 3 Linux, Netapp, Redhat | 8 Linux Kernel, H300s, H410s and 5 more | 2025-02-13 | 9 Critical |
| A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. | ||||
| CVE-2023-2612 | 1 Canonical | 1 Ubuntu Linux | 2025-02-13 | 4.4 Medium |
| Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). | ||||
| CVE-2021-3667 | 3 Debian, Netapp, Redhat | 5 Debian Linux, Ontap Select Deploy Administration Utility, Advanced Virtualization and 2 more | 2025-02-13 | 6.5 Medium |
| An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2024-53689 | 2025-02-13 | 4.4 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2019-3892 | 2025-02-13 | N/A | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-11599. Reason: This candidate is a reservation duplicate of CVE-2019-11599. Notes: All CVE users should reference CVE-2019-11599 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | ||||