Total
1978 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-3111 | 2 Pulpproject, Redhat | 3 Pulp, Satellite, Satellite Capsule | 2025-04-20 | N/A |
pulp.spec in the installation process for Pulp 2.8.3 generates the RSA key pairs used to validate messages between the pulp server and pulp consumers in a directory that is world-readable before later modifying the permissions, which might allow local users to read the generated RSA keys via reading the key files while the installation process is running. | ||||
CVE-2015-8239 | 1 Sudo Project | 1 Sudo | 2025-04-20 | N/A |
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed. | ||||
CVE-2017-7533 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux, Enterprise Mrg and 2 more | 2025-04-20 | 7.0 High |
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions. | ||||
CVE-2015-5948 | 1 Salesagility | 1 Suitecrm | 2025-04-20 | N/A |
Race condition in SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5947. | ||||
CVE-2015-5947 | 1 Salesagility | 1 Suitecrm | 2025-04-20 | 8.1 High |
SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. | ||||
CVE-2015-5232 | 1 Cornelisnetworks | 2 Opa-ff, Opa-fm | 2025-04-20 | 8.1 High |
Race conditions in opa-fm before 10.4.0.0.196 and opa-ff before 10.4.0.0.197. | ||||
CVE-2016-10027 | 2 Fedoraproject, Igniterealtime | 2 Fedora, Smack | 2025-04-20 | 5.9 Medium |
Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response. | ||||
CVE-2016-9381 | 2 Citrix, Qemu | 2 Xenserver, Qemu | 2025-04-20 | 7.5 High |
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability. | ||||
CVE-2014-9966 | 1 Google | 1 Android | 2025-04-20 | N/A |
In all Android releases from CAF using the Linux kernel, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists in Secure Display. | ||||
CVE-2014-9936 | 1 Google | 1 Android | 2025-04-20 | N/A |
In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel. | ||||
CVE-2014-9914 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | 7.8 High |
Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets. | ||||
CVE-2017-11353 | 1 Yadm Project | 1 Yadm | 2025-04-20 | N/A |
yadm (yet another dotfile manager) 1.10.0 has a race condition (related to the behavior of git commands in setting permissions for new files and directories), which potentially allows access to SSH and PGP keys. | ||||
CVE-2015-1865 | 1 Gnu | 1 Coreutils | 2025-04-20 | N/A |
fts.c in coreutils 8.4 allows local users to delete arbitrary files. | ||||
CVE-2015-1325 | 1 Canonical | 1 Ubuntu Linux | 2025-04-20 | N/A |
Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges. | ||||
CVE-2014-9941 | 1 Google | 1 Android | 2025-04-20 | N/A |
In the Embedded File System in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist. | ||||
CVE-2017-0727 | 1 Google | 1 Android | 2025-04-20 | N/A |
A elevation of privilege vulnerability in the Android media framework (libgui). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-33004354. | ||||
CVE-2016-10200 | 3 Google, Linux, Redhat | 6 Android, Linux Kernel, Enterprise Linux and 3 more | 2025-04-20 | 7.0 High |
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c. | ||||
CVE-2017-9718 | 1 Google | 1 Android | 2025-04-20 | N/A |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a multimedia driver can potentially lead to a buffer overwrite. | ||||
CVE-2017-9697 | 1 Google | 1 Android | 2025-04-20 | N/A |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while reading command registration table entries in diag_dbgfs_read_table. | ||||
CVE-2017-9685 | 1 Google | 1 Android | 2025-04-20 | N/A |
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to a Use After Free condition. |