Total
2006 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-8963 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 7.6 HIGH | 7.0 HIGH |
| Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation. | |||||
| CVE-2014-0703 | 1 Cisco | 2 Wireless Lan Controller, Wireless Lan Controller Software | 2025-04-12 | 10.0 HIGH | N/A |
| Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote attackers to bypass intended access restrictions by connecting to an Aironet access point on which this server had been disabled ineffectively, aka Bug ID CSCuf66202. | |||||
| CVE-2016-3744 | 1 Google | 1 Android | 2025-04-12 | 4.3 MEDIUM | 7.5 HIGH |
| Buffer overflow in the create_pbuf function in btif/src/btif_hh.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to gain privileges via a crafted pairing operation, aka internal bug 27930580. | |||||
| CVE-2015-5189 | 1 Pacemaker\/corosync Configuration System Project | 1 Pacemaker\/corosync Configuration System | 2025-04-12 | 4.9 MEDIUM | N/A |
| Race condition in pcsd in PCS 0.9.139 and earlier uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated. | |||||
| CVE-2015-6789 | 1 Google | 1 Chrome | 2025-04-12 | 9.3 HIGH | N/A |
| Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0.2526.80, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact by leveraging unanticipated object deletion. | |||||
| CVE-2016-0858 | 1 Advantech | 1 Webaccess | 2025-04-12 | 9.3 HIGH | 8.1 HIGH |
| Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request. | |||||
| CVE-2016-3760 | 1 Google | 1 Android | 2025-04-12 | 5.4 MEDIUM | 7.5 HIGH |
| Bluetooth in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows local users to gain privileges by establishing a pairing that remains present during a session of the primary user, aka internal bug 27410683. | |||||
| CVE-2015-7814 | 1 Xen | 1 Xen | 2025-04-12 | 4.7 MEDIUM | N/A |
| Race condition in the relinquish_memory function in arch/arm/domain.c in Xen 4.6.x and earlier allows local domains with partial management control to cause a denial of service (host crash) via vectors involving the destruction of a domain and using XENMEM_decrease_reservation to reduce the memory of the domain. | |||||
| CVE-2015-8767 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2025-04-12 | 4.9 MEDIUM | 6.2 MEDIUM |
| net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call. | |||||
| CVE-2015-1882 | 1 Ibm | 1 Websphere Application Server | 2025-04-12 | 8.5 HIGH | N/A |
| Multiple race conditions in IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 allow remote authenticated users to gain privileges by leveraging thread conflicts that result in Java code execution outside the context of the configured EJB Run-as user. | |||||
| CVE-2016-0848 | 1 Google | 1 Android | 2025-04-12 | 7.2 HIGH | 8.4 HIGH |
| Race condition in Download Manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to bypass private-storage file-access restrictions via a crafted application that changes a symlink target, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26211054. | |||||
| CVE-2015-8511 | 1 Mozilla | 1 Firefox Os | 2025-04-12 | 6.9 MEDIUM | 6.4 MEDIUM |
| Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors. | |||||
| CVE-2015-3339 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-12 | 6.2 MEDIUM | N/A |
| Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped. | |||||
| CVE-2015-7312 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2025-04-12 | 4.4 MEDIUM | N/A |
| Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to mm/madvise.c and mm/msync.c. | |||||
| CVE-2016-1670 | 3 Debian, Google, Opensuse | 3 Debian Linux, Chrome, Opensuse | 2025-04-12 | 2.6 LOW | 5.3 MEDIUM |
| Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID. | |||||
| CVE-2015-7820 | 2 Ibm, Lenovo | 2 System Networking Switch Center, Switch Center | 2025-04-12 | 7.1 HIGH | N/A |
| Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide ZipDownload.jsp input containing directory traversal sequences to read arbitrary files, via a request to port 40080 or 40443. | |||||
| CVE-2015-0610 | 1 Cisco | 1 Ios | 2025-04-12 | 4.3 MEDIUM | N/A |
| Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T and earlier allows remote attackers to bypass intended access restrictions via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCun21071. | |||||
| CVE-2014-2667 | 1 Python | 1 Python | 2025-04-12 | 3.3 LOW | N/A |
| Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has been set to the expected value. | |||||
| CVE-2015-4481 | 4 Microsoft, Mozilla, Opensuse and 1 more | 4 Windows, Firefox, Opensuse and 1 more | 2025-04-12 | 3.3 LOW | N/A |
| Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update. | |||||
| CVE-2015-0608 | 1 Cisco | 1 Ios | 2025-04-12 | 7.1 HIGH | N/A |
| Race condition in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCul48736. | |||||