Export limit exceeded: 363500 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (2563 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-1000367 2 Redhat, Sudo Project 3 Enterprise Linux, Rhel Els, Sudo 2025-04-20 N/A
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
CVE-2016-9381 2 Citrix, Qemu 2 Xenserver, Qemu 2025-04-20 7.5 High
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
CVE-2017-15951 1 Linux 1 Linux Kernel 2025-04-20 7.8 High
The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls.
CVE-2014-9936 1 Google 1 Android 2025-04-20 N/A
In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel.
CVE-2017-11025 1 Google 1 Android 2025-04-20 N/A
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the function audio_effects_shared_ioctl(), memory corruption can occur.
CVE-2017-11045 1 Google 1 Android 2025-04-20 N/A
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a camera driver function, a race condition exists which can lead to a Use After Free condition.
CVE-2016-10027 2 Fedoraproject, Igniterealtime 2 Fedora, Smack 2025-04-20 5.9 Medium
Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response.
CVE-2017-12146 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-20 7.0 High
The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides.
CVE-2016-9256 1 F5 10 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 7 more 2025-04-20 N/A
In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request. This is a race condition that occurs rarely in normal usage; the typical period in which this is possible is limited to at most a few seconds after the permission change.
CVE-2017-2533 1 Apple 1 Mac Os X 2025-04-20 N/A
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "DiskArbitration" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVE-2017-6512 3 Canonical, Debian, File\ 3 Ubuntu Linux, Debian Linux, \ 2025-04-20 5.9 Medium
Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.
CVE-2017-2898 1 Meetcircle 2 Circle With Disney, Circle With Disney Firmware 2025-04-20 7.5 High
An exploitable vulnerability exists in the signature verification of the firmware update functionality of Circle with Disney. Specially crafted network packets can cause an unsigned firmware to be installed in the device resulting in arbitrary code execution. An attacker can send a series of packets to trigger this vulnerability.
CVE-2017-9684 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a Use After Free condition.
CVE-2017-8244 1 Google 1 Android 2025-04-20 7.0 High
In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow is possible on race conditions. "buffer->curr" itself could also be overwritten, which means that it may point to anywhere of kernel memory (for write).
CVE-2017-11044 1 Google 1 Android 2025-04-20 N/A
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a KGSL driver function, a race condition exists which can lead to a Use After Free condition.
CVE-2017-0462 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm Seemp driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33353601. References: QC-CR#1102288.
CVE-2016-10242 1 Google 1 Android 2025-04-20 N/A
A time-of-check time-of-use race condition could potentially exist in the secure file system in all Android releases from CAF using the Linux kernel.
CVE-2015-8556 1 Qemu 1 Qemu 2025-04-20 N/A
Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.
CVE-2017-17712 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-20 7.0 High
The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.
CVE-2014-9966 1 Google 1 Android 2025-04-20 N/A
In all Android releases from CAF using the Linux kernel, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists in Secure Display.