Search Results (3347 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-5754 1 Apple 1 Mac Os X 2025-04-12 N/A
Race condition in runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages incorrect privilege dropping associated with a locking error.
CVE-2015-5189 2 Pacemaker\/corosync Configuration System Project, Redhat 2 Pacemaker\/corosync Configuration System, Enterprise Linux 2025-04-12 N/A
Race condition in pcsd in PCS 0.9.139 and earlier uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated.
CVE-2015-0631 1 Cisco 12 Ids 4210, Ids 4215, Ids 4220 and 9 more 2025-04-12 N/A
Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688.
CVE-2015-2715 2 Mozilla, Opensuse 2 Firefox, Opensuse 2025-04-12 N/A
Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) by leveraging improper Media Decoder Thread creation at the time of a shutdown.
CVE-2014-3385 1 Cisco 1 Asa 2025-04-12 N/A
Race condition in the Health and Performance Monitoring (HPM) for ASDM feature in Cisco ASA Software 8.3 before 8.3(2.42), 8.4 before 8.4(7.11), 8.5 before 8.5(1.19), 8.6 before 8.6(1.13), 8.7 before 8.7(1.11), 9.0 before 9.0(4.8), and 9.1 before 9.1(4.5) allows remote attackers to cause a denial of service (device reload) via TCP traffic that triggers many half-open connections at the same time, aka Bug ID CSCum00556.
CVE-2016-2544 1 Linux 1 Linux Kernel 2025-04-12 N/A
Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time.
CVE-2014-6054 4 Canonical, Debian, Libvncserver and 1 more 4 Ubuntu Linux, Debian Linux, Libvncserver and 1 more 2025-04-12 N/A
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message.
CVE-2015-1200 1 Pxz Project 1 Pxz 2025-04-12 N/A
Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for the output file when compressing a file before changing the permission to match the original file, which allows local users to bypass the intended access restrictions.
CVE-2016-7777 1 Xen 1 Xen 2025-04-12 N/A
Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it.
CVE-2016-6198 3 Linux, Oracle, Redhat 5 Linux Kernel, Linux, Vm Server and 2 more 2025-04-12 N/A
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related to fs/namei.c and fs/open.c.
CVE-2010-5313 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-12 N/A
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service (L1 guest OS crash) via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842.
CVE-2015-2706 1 Mozilla 1 Firefox 2025-04-12 N/A
Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.
CVE-2015-6761 3 Ffmpeg, Google, Redhat 3 Ffmpeg, Chrome, Rhel Extras 2025-04-12 N/A
The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service (race condition and memory corruption) or possibly have unspecified other impact via a crafted WebM file.
CVE-2014-2706 4 Linux, Oracle, Redhat and 1 more 8 Linux Kernel, Linux, Enterprise Linux and 5 more 2025-04-12 N/A
Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c.
CVE-2014-1419 1 Canonical 2 Acpi-support, Ubuntu Linux 2025-04-12 N/A
Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.
CVE-2016-1757 1 Apple 2 Iphone Os, Mac Os X 2025-04-12 N/A
Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVE-2015-0610 1 Cisco 1 Ios 2025-04-12 N/A
Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T and earlier allows remote attackers to bypass intended access restrictions via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCun21071.
CVE-2016-3258 1 Microsoft 4 Windows 10, Windows 8.1, Windows Rt 8.1 and 1 more 2025-04-12 N/A
Race condition in the kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Low Integrity protection mechanism and write to files by leveraging unspecified object-manager features, aka "Windows File System Security Feature Bypass."
CVE-2015-7613 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more 2025-04-12 N/A
Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.
CVE-2015-4203 1 Cisco 2 Ios, Ubr10000 Cable Modem Termination System 2025-04-12 N/A
Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR10000 devices, when NetFlow and an MPLS IPv6 VPN are configured, allows remote attackers to cause a denial of service (PXF process crash) by sending malformed MPLS 6VPE packets quickly, aka Bug ID CSCud83396.