Total
1424 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-4883 | 1 Philippe Jounin | 1 Tftpd32 | 2023-12-10 | 4.3 MEDIUM | N/A |
Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote attackers to cause a denial of service (daemon crash) via invalid "connect frames." | |||||
CVE-2009-1894 | 1 Pulseaudio | 1 Pulseaudio | 2023-12-10 | 7.2 HIGH | N/A |
Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink. | |||||
CVE-2008-6819 | 1 Microsoft | 2 Windows 2003 Server, Windows Vista | 2023-12-10 | 4.7 MEDIUM | N/A |
win32k.sys in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (system crash) via vectors related to CreateWindow, TranslateMessage, and DispatchMessage, possibly a race condition between threads, a different vulnerability than CVE-2008-1084. NOTE: some of these details are obtained from third party information. | |||||
CVE-2008-5182 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 6.9 MEDIUM | N/A |
The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount. | |||||
CVE-2009-1786 | 1 Ibm | 1 Aix | 2023-12-10 | 6.9 MEDIUM | N/A |
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable. | |||||
CVE-2009-1207 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.4 MEDIUM | N/A |
Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files. | |||||
CVE-2009-4226 | 1 Sun | 1 Opensolaris | 2023-12-10 | 7.1 HIGH | N/A |
Race condition in the IP module in the kernel in Sun OpenSolaris snv_106 through snv_124 allows remote attackers to cause a denial of service (NULL pointer dereference and panic) via unspecified vectors related to the (1) tcp_do_getsockname or (2) tcp_do_getpeername function. | |||||
CVE-2009-2794 | 1 Apple | 1 Iphone Os | 2023-12-10 | 4.6 MEDIUM | N/A |
The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows local users to bypass intended Microsoft Exchange restrictions by choosing a large Require Passcode time value. | |||||
CVE-2008-4392 | 1 D.j.bernstein | 1 Djbdns | 2023-12-10 | 6.4 MEDIUM | N/A |
dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote attackers to spoof DNS responses, as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority (SOA) query. | |||||
CVE-2009-0784 | 2 Debian, Systemtap | 2 Debian Linux, Systemtap | 2023-12-10 | 6.3 MEDIUM | N/A |
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors. | |||||
CVE-2008-5044 | 1 Microsoft | 2 Windows Server 2003, Windows Vista | 2023-12-10 | 4.0 MEDIUM | N/A |
Race condition in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (crash or hang) via a multi-threaded application that makes many calls to UnhookWindowsHookEx while certain other desktop activity is occurring. | |||||
CVE-2008-4307 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.0 MEDIUM | N/A |
Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improper handling of a race between fcntl and close in the EINTR case. | |||||
CVE-2009-1238 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.2 HIGH | N/A |
Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and earlier on Apple Mac OS X 10.5.6 and earlier allows local users to cause a denial of service (kernel memory corruption) by simultaneously executing the same HFS_SET_PKG_EXTENSIONS code path in multiple threads, which is problematic because of lack of mutex locking for an unspecified global variable. | |||||
CVE-2008-2311 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.6 HIGH | N/A |
Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote attackers to execute arbitrary code via a symlink attack, probably related to a race condition and automatic execution of a downloaded file. | |||||
CVE-2009-2135 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.9 MEDIUM | N/A |
Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv_107 allow local users to cause a denial of service (panic) via unspecified vectors related to a race between the port_dissociate and close functions. | |||||
CVE-2008-1669 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 6.9 MEDIUM | N/A |
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table." | |||||
CVE-2009-2644 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.9 MEDIUM | N/A |
Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds." | |||||
CVE-2008-5302 | 1 Perl | 2 File\, Perl | 2023-12-10 | 6.9 MEDIUM | N/A |
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions. | |||||
CVE-2009-1215 | 1 Gnu | 1 Gnu Screen | 2023-12-10 | 1.9 LOW | N/A |
Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file. | |||||
CVE-2009-3110 | 1 Symantec | 1 Altiris Deployment Solution | 2023-12-10 | 5.8 MEDIUM | N/A |
Race condition in the file transfer functionality in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 allows remote attackers to read sensitive files and prevent client updates by connecting to the file transfer port before the expected client does. |