Total
1660 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2011-0784 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code via vectors related to audio. | ||||
CVE-2011-0753 | 1 Php | 1 Php | 2024-08-06 | N/A |
Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals. | ||||
CVE-2011-0699 | 1 Linux | 1 Linux Kernel | 2024-08-06 | 7.0 High |
Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value. | ||||
CVE-2011-0695 | 3 Canonical, Linux, Redhat | 9 Ubuntu Linux, Linux Kernel, Enterprise Linux and 6 more | 2024-08-06 | N/A |
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference. | ||||
CVE-2012-6095 | 1 Proftpd | 1 Proftpd | 2024-08-06 | N/A |
ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands. | ||||
CVE-2012-5660 | 1 Redhat | 2 Automatic Bug Reporting Tool, Enterprise Linux | 2024-08-06 | N/A |
abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to store information about crashes." | ||||
CVE-2012-5507 | 2 Plone, Zope | 2 Plone, Zope | 2024-08-06 | N/A |
AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation. | ||||
CVE-2012-5119 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
Race condition in Pepper, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to buffers. | ||||
CVE-2012-5108 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
Race condition in Google Chrome before 22.0.1229.92 allows remote attackers to execute arbitrary code via vectors related to audio devices. | ||||
CVE-2012-4508 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2024-08-06 | N/A |
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized. | ||||
CVE-2012-3868 | 1 Isc | 1 Bind | 2024-08-06 | N/A |
Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries. | ||||
CVE-2012-3748 | 1 Apple | 2 Iphone Os, Safari | 2024-08-06 | N/A |
Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays. | ||||
CVE-2012-3552 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Linux Eus | 2024-08-06 | 5.9 Medium |
Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic. | ||||
CVE-2012-3511 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2024-08-06 | N/A |
Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call. | ||||
CVE-2012-3500 | 2 Devscripts Devel Team, Fedora | 2 Devscripts, Rpmdevtools | 2024-08-06 | N/A |
scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file. | ||||
CVE-2012-3386 | 2 Gnu, Redhat | 2 Automake, Enterprise Linux | 2024-08-06 | N/A |
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors. | ||||
CVE-2012-3063 | 1 Cisco | 1 Application Control Engine Software | 2024-08-06 | N/A |
Cisco Application Control Engine (ACE) before A4(2.3) and A5 before A5(1.1), when multicontext mode is enabled, does not properly share a management IP address among multiple contexts, which allows remote authenticated administrators to bypass intended access restrictions in opportunistic circumstances, and read or modify configuration settings, via a login attempt to a context, aka Bug ID CSCts30631, a different vulnerability than CVE-2012-3058. | ||||
CVE-2012-2868 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-08-06 | N/A |
Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object. | ||||
CVE-2012-2880 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-08-06 | N/A |
Race condition in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the plug-in paint buffer. | ||||
CVE-2012-2737 | 1 Ray Stode | 1 Accountsservice | 2024-08-06 | N/A |
The user_change_icon_file_authorized_cb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition. |