Total
1661 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-5835 | 1 Symantec | 1 Endpoint Protection Manager | 2024-08-04 | 7.0 High |
Symantec Endpoint Protection Manager, prior to 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine. | ||||
CVE-2020-3966 | 1 Vmware | 4 Cloud Foundation, Esxi, Fusion and 1 more | 2024-08-04 | 7.5 High |
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible. | ||||
CVE-2020-3941 | 2 Microsoft, Vmware | 2 Windows, Tools | 2024-08-04 | 7.0 High |
The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11. | ||||
CVE-2020-3894 | 2 Apple, Redhat | 7 Icloud, Ipad Os, Iphone Os and 4 more | 2024-08-04 | 3.1 Low |
A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. | ||||
CVE-2020-3831 | 1 Apple | 2 Ipados, Iphone Os | 2024-08-04 | 7.0 High |
A race condition was addressed with improved locking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. | ||||
CVE-2020-1839 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2024-08-04 | 6.3 Medium |
HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a race condition vulnerability. There is a timing window exists in which certain pointer members can be modified by another process that is operating concurrently, an attacker should trick the user into running a crafted application with high privilege, successful exploit could cause code execution. | ||||
CVE-2020-1814 | 1 Huawei | 6 Nip6800, Nip6800 Firmware, Secospace Usg6600 and 3 more | 2024-08-04 | 5.3 Medium |
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal. | ||||
CVE-2020-1733 | 3 Debian, Fedoraproject, Redhat | 7 Debian Linux, Fedora, Ansible and 4 more | 2024-08-04 | 5 Medium |
A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with "umask 77 && mkdir -p <dir>"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'. | ||||
CVE-2020-1021 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-08-04 | 7.8 High |
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1082, CVE-2020-1088. | ||||
CVE-2020-0554 | 2 Intel, Microsoft | 14 Ac 3165 Firmware, Ac 3168 Firmware, Ac 7265 Firmware and 11 more | 2024-08-04 | 7.0 High |
Race condition in software installer for some Intel(R) Wireless Bluetooth(R) products on Windows* 7, 8.1 and 10 may allow an unprivileged user to potentially enable escalation of privilege via local access. | ||||
CVE-2020-0568 | 1 Intel | 1 Driver \& Support Assistant | 2024-08-04 | 4.7 Medium |
Race condition in the Intel(R) Driver and Support Assistant before version 20.1.5 may allow an authenticated user to potentially enable denial of service via local access. | ||||
CVE-2020-0428 | 1 Google | 1 Android | 2024-08-04 | 6.4 Medium |
In CamX code, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-123999783 | ||||
CVE-2020-0474 | 1 Google | 1 Android | 2024-08-04 | 7.0 High |
In HalCamera::requestNewFrame of HalCamera.cpp, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-169282240 | ||||
CVE-2020-0373 | 1 Google | 1 Android | 2024-08-04 | 4.7 Medium |
In SoundTriggerHwService, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-146894086 | ||||
CVE-2020-0305 | 3 Google, Opensuse, Redhat | 3 Android, Leap, Enterprise Linux | 2024-08-04 | 6.4 Medium |
In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153467744 | ||||
CVE-2020-0268 | 1 Google | 1 Android | 2024-08-04 | 6.4 Medium |
In NFC, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-148294643 | ||||
CVE-2020-0218 | 1 Google | 1 Android | 2024-08-04 | 7.0 High |
In loadSoundModel and related functions of SoundTriggerHwService.cpp, there is possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-136005905 | ||||
CVE-2020-0199 | 1 Google | 1 Android | 2024-08-04 | 4.1 Medium |
In TimeCheck::TimeCheckThread::threadLoop of TimeCheck.cpp, there is a possible use-after-free due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142142406 | ||||
CVE-2020-0141 | 1 Google | 1 Android | 2024-08-04 | 4.4 Medium |
In OutputBuffersArray::realloc of CCodecBuffers.cpp, there is a possible heap disclosure due to a race condition. This could lead to remote information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142544793 | ||||
CVE-2020-0126 | 1 Google | 1 Android | 2024-08-04 | 6.4 Medium |
In multiple functions in DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local code execution with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-137878930 |