Total
2033 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-8280 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, during the wlan calibration data store and retrieve operation, there are some potential race conditions which lead to a memory leak and a buffer overflow during the context switch. | ||||
| CVE-2017-15265 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Enterprise Mrg and 4 more | 2025-04-20 | 7.0 High |
| Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c. | ||||
| CVE-2017-14902 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the GLink kernel driver, a Use After Free condition can potentially occur. | ||||
| CVE-2015-8239 | 1 Sudo Project | 1 Sudo | 2025-04-20 | N/A |
| The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed. | ||||
| CVE-2017-1346 | 1 Ibm | 1 Business Process Manager | 2025-04-20 | N/A |
| IBM Business Process Manager 7.5, 8.0, and 8.5 temporarily stores files in a temporary folder during offline installs which could be read by a local user within a short timespan. IBM X-Force ID: 126461. | ||||
| CVE-2017-6408 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2025-04-20 | N/A |
| An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race condition in pbx_exchange can occur when a local user connects to a socket before permissions are secured. | ||||
| CVE-2015-7891 | 1 Samsung | 1 Samsung Mobile | 2025-04-20 | N/A |
| Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598. | ||||
| CVE-2016-10297 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In TrustZone in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist. | ||||
| CVE-2016-10027 | 2 Fedoraproject, Igniterealtime | 2 Fedora, Smack | 2025-04-20 | 5.9 Medium |
| Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response. | ||||
| CVE-2016-10242 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A time-of-check time-of-use race condition could potentially exist in the secure file system in all Android releases from CAF using the Linux kernel. | ||||
| CVE-2017-2478 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||||
| CVE-2017-5986 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-20 | N/A |
| Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state. | ||||
| CVE-2017-8266 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition. | ||||
| CVE-2017-12146 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-20 | 7.0 High |
| The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides. | ||||
| CVE-2017-15038 | 1 Qemu | 1 Qemu | 2025-04-20 | N/A |
| Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes. | ||||
| CVE-2014-7953 | 1 Google | 1 Android | 2025-04-20 | N/A |
| Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a crafted script to process logcat's output looking for a dexopt line, which once found should execute bindBackupAgent with the uid member of the ApplicationInfo parameter set to 1000. | ||||
| CVE-2017-6512 | 3 Canonical, Debian, File\ | 3 Ubuntu Linux, Debian Linux, \ | 2025-04-20 | 5.9 Medium |
| Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic. | ||||
| CVE-2017-6874 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.0 High |
| Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls that leverage certain decrement behavior that causes incorrect interaction between put_ucounts and get_ucounts. | ||||
| CVE-2015-7553 | 1 Redhat | 3 Enterprise Linux, Enterprise Mrg, Kernel-rt | 2025-04-20 | N/A |
| Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets. | ||||
| CVE-2017-0794 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A elevation of privilege vulnerability in the Upstream kernel scsi driver. Product: Android. Versions: Android kernel. Android ID: A-35644812. | ||||