Total
1661 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-2314 | 1 Qualcomm | 48 Msm8909w, Msm8909w Firmware, Qcs405 and 45 more | 2024-08-04 | N/A |
Possible race condition that will cause a use-after-free when writing to two sysfs entries at nearly the same time in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX20, SDX24 | ||||
CVE-2019-2260 | 1 Qualcomm | 78 Mdm9150, Mdm9150 Firmware, Mdm9206 and 75 more | 2024-08-04 | N/A |
A race condition occurs while processing perf-event which can lead to a use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDM630, SDM660, SDX20, SDX24, Snapdragon_High_Med_2016, SXR1130 | ||||
CVE-2019-2189 | 1 Google | 1 Android | 2024-08-04 | 6.4 Medium |
In the Easel driver, there is possible memory corruption due to race conditions. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112312381 | ||||
CVE-2019-2213 | 1 Google | 1 Android | 2024-08-04 | 7.4 High |
In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-133758011References: Upstream kernel | ||||
CVE-2019-2284 | 1 Qualcomm | 42 Msm8909w, Msm8909w Firmware, Qcs405 and 39 more | 2024-08-04 | 7.0 High |
Possible use-after-free issue due to a race condition while calling camera ioctl concurrently in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDX24 | ||||
CVE-2019-2219 | 1 Google | 1 Android | 2024-08-04 | 4.7 Medium |
In several functions of NotificationManagerService.java and related files, there is a possible way to record audio from the background without notification to the user due to a permission bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-119041698 | ||||
CVE-2019-2188 | 1 Google | 1 Android | 2024-08-04 | 6.4 Medium |
In the Easel driver, there is possible memory corruption due to race conditions. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112309571 | ||||
CVE-2019-2121 | 1 Google | 1 Android | 2024-08-04 | N/A |
In ActivityManagerService.attachApplication of ActivityManagerService, there is a possible race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-131105245. | ||||
CVE-2019-2095 | 1 Google | 1 Android | 2024-08-04 | N/A |
In callGenIDChangeListeners and related functions of SkPixelRef.cpp, there is a possible use after free due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-124232283. | ||||
CVE-2019-2006 | 1 Google | 1 Android | 2024-08-04 | N/A |
In serviceDied of HalDeathHandlerHidl.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-116665972 | ||||
CVE-2019-2025 | 1 Google | 1 Android | 2024-08-04 | N/A |
In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-116855682References: Upstream kernel | ||||
CVE-2019-2008 | 1 Google | 1 Android | 2024-08-04 | N/A |
In createEffect of AudioFlinger.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-122309228 | ||||
CVE-2019-1416 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-08-04 | 7.0 High |
An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. | ||||
CVE-2019-0217 | 8 Apache, Canonical, Debian and 5 more | 16 Http Server, Ubuntu Linux, Debian Linux and 13 more | 2024-08-04 | 7.5 High |
In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. | ||||
CVE-2019-0114 | 1 Intel | 1 Graphics Driver | 2024-08-04 | N/A |
A race condition in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access. | ||||
CVE-2020-36557 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-04 | 5.1 Medium |
A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free. | ||||
CVE-2020-36447 | 1 V9 Project | 1 V9 | 2024-08-04 | 8.1 High |
An issue was discovered in the v9 crate through 2020-12-18 for Rust. There is an unconditional implementation of Sync for SyncRef<T>. | ||||
CVE-2020-36454 | 1 Parc Project | 1 Parc | 2024-08-04 | 8.1 High |
An issue was discovered in the parc crate through 2020-11-14 for Rust. LockWeak<T> has an unconditional implementation of Send without trait bounds on T. | ||||
CVE-2020-36442 | 1 Beef Project | 1 Beef | 2024-08-04 | 8.1 High |
An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait. | ||||
CVE-2020-36441 | 1 Abox Project | 1 Abox | 2024-08-04 | 8.1 High |
An issue was discovered in the abox crate before 0.4.1 for Rust. It implements Send and Sync for AtomicBox<T> with no requirement for T: Send and T: Sync. |