Search Results (3347 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-41774 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 8.1 High
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41773 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 8.1 High
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41769 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 8.1 High
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41771 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 8.1 High
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41767 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 8.1 High
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41768 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 8.1 High
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41770 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 8.1 High
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41765 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 8.1 High
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-36786 1 Microsoft 1 Skype For Business Server 2025-04-14 7.2 High
Skype for Business Remote Code Execution Vulnerability
CVE-2023-36902 1 Microsoft 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more 2025-04-14 7 High
Windows Runtime Remote Code Execution Vulnerability
CVE-2022-4129 3 Fedoraproject, Linux, Redhat 5 Fedora, Layer 2 Tunneling Protocol, Enterprise Linux and 2 more 2025-04-14 5.5 Medium
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.
CVE-2014-6054 4 Canonical, Debian, Libvncserver and 1 more 4 Ubuntu Linux, Debian Linux, Libvncserver and 1 more 2025-04-12 N/A
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message.
CVE-2016-2812 1 Mozilla 1 Firefox 2025-04-12 N/A
Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted web site.
CVE-2015-8963 1 Linux 1 Linux Kernel 2025-04-12 7 High
Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation.
CVE-2014-4699 4 Canonical, Debian, Linux and 1 more 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more 2025-04-12 N/A
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.
CVE-2015-3709 1 Apple 1 Mac Os X 2025-04-12 N/A
Race condition in kext tools in Apple OS X before 10.10.4 allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation.
CVE-2015-7820 2 Ibm, Lenovo 2 System Networking Switch Center, Switch Center 2025-04-12 N/A
Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide ZipDownload.jsp input containing directory traversal sequences to read arbitrary files, via a request to port 40080 or 40443.
CVE-2016-7777 1 Xen 1 Xen 2025-04-12 N/A
Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it.
CVE-2016-6663 4 Mariadb, Oracle, Percona and 1 more 6 Mariadb, Mysql, Percona Server and 3 more 2025-04-12 N/A
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
CVE-2015-8878 1 Php 1 Php 2025-04-12 N/A
main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service (race condition and heap memory corruption) by leveraging an application that performs many temporary-file accesses.