Total
1700 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-2069 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2018-01-05 | 4.4 MEDIUM | 7.4 HIGH |
| Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU. | |||||
| CVE-2011-3090 | 1 Google | 1 Chrome | 2017-12-29 | 7.6 HIGH | N/A |
| Race condition in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker processes. | |||||
| CVE-2017-11049 | 1 Google | 1 Android | 2017-12-19 | 4.4 MEDIUM | 7.0 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a video driver, a race condition exists which can potentially lead to a buffer overflow. | |||||
| CVE-2017-11045 | 1 Google | 1 Android | 2017-12-19 | 4.4 MEDIUM | 7.0 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a camera driver function, a race condition exists which can lead to a Use After Free condition. | |||||
| CVE-2017-11044 | 1 Google | 1 Android | 2017-12-19 | 4.4 MEDIUM | 7.0 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a KGSL driver function, a race condition exists which can lead to a Use After Free condition. | |||||
| CVE-2014-0062 | 1 Postgresql | 1 Postgresql | 2017-12-16 | 4.9 MEDIUM | N/A |
| Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window. | |||||
| CVE-2017-14902 | 1 Google | 1 Android | 2017-12-15 | 6.9 MEDIUM | 7.0 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the GLink kernel driver, a Use After Free condition can potentially occur. | |||||
| CVE-2017-9703 | 1 Google | 1 Android | 2017-12-15 | 4.4 MEDIUM | 7.0 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a Camera driver can lead to a Use After Free condition. | |||||
| CVE-2017-9708 | 1 Google | 1 Android | 2017-12-15 | 4.4 MEDIUM | 7.0 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the camera driver, the function "msm_ois_power_down" is called without a mutex and a race condition can occur in variable "*reg_ptr" of sub function "msm_camera_config_single_vreg". | |||||
| CVE-2017-9718 | 1 Google | 1 Android | 2017-12-15 | 4.4 MEDIUM | 7.0 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a multimedia driver can potentially lead to a buffer overwrite. | |||||
| CVE-2017-8148 | 1 Huawei | 2 P9, P9 Firmware | 2017-12-12 | 5.4 MEDIUM | 4.7 MEDIUM |
| Audio driver in P9 smartphones with software The versions before EVA-AL10C00B389 has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and the race condition cause null pointer accessing during the application access shared resource, which make the system reboot. | |||||
| CVE-2012-1324 | 1 Cisco | 1 Ios | 2017-12-07 | 7.1 HIGH | N/A |
| Race condition in the Zone-Based Firewall in Cisco IOS 15.1 and 15.2, when IPS policies are configured, allows remote attackers to cause a denial of service (device crash) by sending IPv6 packets, aka Bug ID CSCtk53534. | |||||
| CVE-2017-8281 | 1 Google | 1 Android | 2017-12-06 | 2.6 LOW | 4.7 MEDIUM |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI. | |||||
| CVE-2012-0656 | 1 Apple | 1 Mac Os X | 2017-12-05 | 6.9 MEDIUM | N/A |
| Race condition in LoginUIFramework in Apple Mac OS X 10.7.x before 10.7.4, when the Guest account is enabled, allows physically proximate attackers to login to arbitrary accounts by entering the account name and no password. | |||||
| CVE-2012-0649 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-12-05 | 6.9 MEDIUM | N/A |
| Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 allows local users to gain privileges via vectors involving a temporary file. | |||||
| CVE-2017-11025 | 1 Google | 1 Android | 2017-11-30 | 4.4 MEDIUM | 7.0 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the function audio_effects_shared_ioctl(), memory corruption can occur. | |||||
| CVE-2015-4170 | 2 Linux, Redhat | 6 Linux Kernel, Enterprise Linux Compute Node Eus, Enterprise Linux For Ibm Z Systems Eus and 3 more | 2017-11-12 | 4.7 MEDIUM | 4.7 MEDIUM |
| Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread during shutdown of a previous tty thread. | |||||
| CVE-2015-8239 | 1 Sudo Project | 1 Sudo | 2017-11-05 | 6.9 MEDIUM | 7.0 HIGH |
| The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed. | |||||
| CVE-2015-7550 | 1 Linux | 1 Linux Kernel | 2017-11-04 | 4.9 MEDIUM | 5.5 MEDIUM |
| The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls. | |||||
| CVE-2017-10915 | 1 Xen | 1 Xen | 2017-11-04 | 6.8 MEDIUM | 9.0 CRITICAL |
| The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219. | |||||