Search Results (3347 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5303 2 Perl, Redhat 3 File\, Perl, Enterprise Linux 2025-04-09 N/A
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.
CVE-2009-0320 1 Microsoft 4 Windows Server 2003, Windows Server 2008, Windows Vista and 1 more 2025-04-09 N/A
Microsoft Windows XP, Server 2003 and 2008, and Vista exposes I/O activity measurements of all processes, which allows local users to obtain sensitive information, as demonstrated by reading the I/O Other Bytes column in Task Manager (aka taskmgr.exe) to estimate the number of characters that a different user entered at a runas.exe password prompt, related to a "benchmarking attack."
CVE-2009-1837 4 Debian, Fedoraproject, Mozilla and 1 more 9 Debian Linux, Fedora, Firefox and 6 more 2025-04-09 7.5 High
Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for memory associated with a destroyed Java object.
CVE-2008-5302 2 Perl, Redhat 3 File\, Perl, Enterprise Linux 2025-04-09 N/A
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
CVE-2008-5044 1 Microsoft 2 Windows Server 2003, Windows Vista 2025-04-09 N/A
Race condition in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (crash or hang) via a multi-threaded application that makes many calls to UnhookWindowsHookEx while certain other desktop activity is occurring.
CVE-2009-4226 1 Sun 1 Opensolaris 2025-04-09 N/A
Race condition in the IP module in the kernel in Sun OpenSolaris snv_106 through snv_124 allows remote attackers to cause a denial of service (NULL pointer dereference and panic) via unspecified vectors related to the (1) tcp_do_getsockname or (2) tcp_do_getpeername function.
CVE-2007-3268 1 Ibm 1 Tivoli Provisioning Manager Os Deployment 2025-04-09 7.5 High
The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error.
CVE-2009-1786 1 Ibm 1 Aix 2025-04-09 N/A
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable.
CVE-2007-6599 2 Debian, Openafs 2 Debian Linux, Openafs 2025-04-09 N/A
Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock.
CVE-2008-2958 1 Checkinstall 1 Checkinstall 2025-04-09 N/A
Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working directories.
CVE-2007-0997 1 Linux 1 Linux Kernel 2025-04-09 N/A
Race condition in the tee (sys_tee) system call in the Linux kernel 2.6.17 through 2.6.17.6 might allow local users to cause a denial of service (system crash), obtain sensitive information (kernel memory contents), or gain privileges via unspecified vectors related to a potentially dropped ipipe lock during a race between two pipe readers.
CVE-2008-4307 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2025-04-09 N/A
Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improper handling of a race between fcntl and close in the EINTR case.
CVE-2008-6598 1 Sangoma 1 Wanpipe 2025-04-09 N/A
Multiple race conditions in WANPIPE before 3.3.6 have unknown impact and attack vectors related to "bri restart logic."
CVE-2009-4129 1 Mozilla 1 Firefox 2025-04-09 N/A
Race condition in Mozilla Firefox allows remote attackers to produce a JavaScript message with a spoofed domain association by writing the message in between the document request and document load for a web page in a different domain.
CVE-2009-4027 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Rhel Eus 2025-04-09 N/A
Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session.
CVE-2009-1894 1 Pulseaudio 1 Pulseaudio 2025-04-09 N/A
Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink.
CVE-2006-6275 1 Sun 2 Solaris, Sunos 2025-04-09 N/A
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals.
CVE-2008-0379 1 Businessobjects 1 Crystal Reports Xi 2025-04-09 N/A
Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method, which triggers a buffer overflow.
CVE-2008-6819 1 Microsoft 2 Windows 2003 Server, Windows Vista 2025-04-09 N/A
win32k.sys in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (system crash) via vectors related to CreateWindow, TranslateMessage, and DispatchMessage, possibly a race condition between threads, a different vulnerability than CVE-2008-1084. NOTE: some of these details are obtained from third party information.
CVE-2005-4883 1 Philippe Jounin 1 Tftpd32 2025-04-09 N/A
Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote attackers to cause a denial of service (daemon crash) via invalid "connect frames."