Total
2033 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-8122 | 1 Redhat | 7 Jboss Bpms, Jboss Brms, Jboss Data Grid and 4 more | 2025-04-12 | N/A |
| Race condition in JBoss Weld before 2.2.8 and 3.x before 3.0.0 Alpha3 allows remote attackers to obtain information from a previous conversation via vectors related to a stale thread state. | ||||
| CVE-2016-1807 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | N/A |
| Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecified vectors. | ||||
| CVE-2016-1670 | 4 Debian, Google, Opensuse and 1 more | 4 Debian Linux, Chrome, Opensuse and 1 more | 2025-04-12 | N/A |
| Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID. | ||||
| CVE-2016-7098 | 1 Gnu | 1 Wget | 2025-04-12 | N/A |
| Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open. | ||||
| CVE-2015-7613 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2025-04-12 | N/A |
| Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. | ||||
| CVE-2016-6198 | 3 Linux, Oracle, Redhat | 5 Linux Kernel, Linux, Vm Server and 2 more | 2025-04-12 | N/A |
| The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related to fs/namei.c and fs/open.c. | ||||
| CVE-2016-7777 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it. | ||||
| CVE-2015-8767 | 4 Canonical, Debian, Linux and 1 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2025-04-12 | N/A |
| net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call. | ||||
| CVE-2015-3709 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Race condition in kext tools in Apple OS X before 10.10.4 allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation. | ||||
| CVE-2015-7312 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2025-04-12 | 4.0 Medium |
| Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to mm/madvise.c and mm/msync.c. | ||||
| CVE-2016-6156 | 1 Linux | 1 Linux Kernel | 2025-04-12 | N/A |
| Race condition in the ec_device_ioctl_xcmd function in drivers/platform/chrome/cros_ec_dev.c in the Linux kernel before 4.7 allows local users to cause a denial of service (out-of-bounds array access) by changing a certain size value, aka a "double fetch" vulnerability. | ||||
| CVE-2015-3081 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2025-04-12 | N/A |
| Race condition in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to bypass the Internet Explorer Protected Mode protection mechanism via unspecified vectors. | ||||
| CVE-2016-3258 | 1 Microsoft | 4 Windows 10, Windows 8.1, Windows Rt 8.1 and 1 more | 2025-04-12 | N/A |
| Race condition in the kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Low Integrity protection mechanism and write to files by leveraging unspecified object-manager features, aka "Windows File System Security Feature Bypass." | ||||
| CVE-2015-7189 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2025-04-12 | N/A |
| Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code. | ||||
| CVE-2016-7911 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 7.8 High |
| Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call. | ||||
| CVE-2016-6516 | 1 Linux | 1 Linux Kernel | 2025-04-12 | N/A |
| Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (heap-based buffer overflow) or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability. | ||||
| CVE-2014-5195 | 2 Ayatana Project, Canonical | 2 Unity, Ubuntu Linux | 2025-04-12 | N/A |
| Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension. | ||||
| CVE-2014-7170 | 1 Puppet | 1 Puppet Server | 2025-04-12 | N/A |
| Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service. | ||||
| CVE-2015-7990 | 1 Linux | 1 Linux Kernel | 2025-04-12 | N/A |
| Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937. | ||||
| CVE-2014-0062 | 2 Postgresql, Redhat | 4 Postgresql, Cloudforms Managementengine, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window. | ||||