Total
1495 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4226 | 1 Sun | 1 Opensolaris | 2017-08-17 | N/A |
| Race condition in the IP module in the kernel in Sun OpenSolaris snv_106 through snv_124 allows remote attackers to cause a denial of service (NULL pointer dereference and panic) via unspecified vectors related to the (1) tcp_do_getsockname or (2) tcp_do_getpeername function. | ||||
| CVE-2009-4129 | 1 Mozilla | 1 Firefox | 2017-08-17 | N/A |
| Race condition in Mozilla Firefox allows remote attackers to produce a JavaScript message with a spoofed domain association by writing the message in between the document request and document load for a web page in a different domain. | ||||
| CVE-2009-2794 | 1 Apple | 1 Iphone Os | 2017-08-17 | N/A |
| The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows local users to bypass intended Microsoft Exchange restrictions by choosing a large Require Passcode time value. | ||||
| CVE-2009-1215 | 1 Gnu | 1 Gnu Screen | 2017-08-17 | N/A |
| Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file. | ||||
| CVE-2008-6598 | 1 Sangoma | 1 Wanpipe | 2017-08-17 | N/A |
| Multiple race conditions in WANPIPE before 3.3.6 have unknown impact and attack vectors related to "bri restart logic." | ||||
| CVE-2016-4982 | 1 Teether | 1 Authd | 2017-08-09 | N/A |
| authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it. | ||||
| CVE-2015-5191 | 2 Linux, Vmware | 2 Linux Kernel, Tools | 2017-08-08 | N/A |
| VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H | ||||
| CVE-2008-4392 | 1 D.j.bernstein | 1 Djbdns | 2017-08-08 | N/A |
| dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote attackers to spoof DNS responses, as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority (SOA) query. | ||||
| CVE-2008-3646 | 1 Apple | 1 Mac Os X | 2017-08-08 | N/A |
| The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be network-accessible when mail is sent from a local command-line tool, which allows remote attackers to send mail to local Mac OS X users. | ||||
| CVE-2008-2958 | 1 Checkinstall | 1 Checkinstall | 2017-08-08 | N/A |
| Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working directories. | ||||
| CVE-2008-2311 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
| Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote attackers to execute arbitrary code via a symlink attack, probably related to a race condition and automatic execution of a downloaded file. | ||||
| CVE-2008-1570 | 1 Policyd-weight | 1 Policyd-weight | 2017-08-08 | N/A |
| Race condition in the create_lockpath function in policyd-weight 0.1.14 beta-16 allows local users to modify or delete arbitrary files by creating the LOCKPATH directory, then modifying it after the symbolic link check occurs. NOTE: this is due to an incomplete fix for CVE-2008-1569. | ||||
| CVE-2008-0059 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
| Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic." | ||||
| CVE-2008-0058 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
| Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via unspecified manipulations that cause messages to be sent to a deallocated object. | ||||
| CVE-2008-0055 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
| Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a denial of service and possibly gain privileges. | ||||
| CVE-2015-7891 | 1 Samsung | 1 Samsung Mobile | 2017-08-04 | N/A |
| Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598. | ||||
| CVE-2015-7543 | 2 Artsproject, Kde | 2 Arts, Kdelibs | 2017-07-31 | N/A |
| aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory. | ||||
| CVE-2007-6180 | 1 Sun | 1 Solaris | 2017-07-29 | N/A |
| Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allows local users to cause a denial of service (NULL dereference and panic) via unspecified vectors. | ||||
| CVE-2007-5847 | 1 Apple | 1 Mac Os X | 2017-07-29 | N/A |
| Race condition in the CFURLWriteDataAndPropertiesToResource API in Core Foundation in Apple Mac OS X 10.4.11 creates files with insecure permissions, which might allow local users to obtain sensitive information. | ||||
| CVE-2007-5154 | 1 Aimluck | 2 Aipo, Aipo Asp | 2017-07-29 | N/A |
| Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors. | ||||