Total
1424 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-3646 | 1 Apple | 1 Mac Os X | 2023-12-10 | 6.8 MEDIUM | N/A |
The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be network-accessible when mail is sent from a local command-line tool, which allows remote attackers to send mail to local Mac OS X users. | |||||
CVE-2008-0055 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.2 HIGH | N/A |
Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a denial of service and possibly gain privileges. | |||||
CVE-2008-5303 | 1 Perl | 2 File\, Perl | 2023-12-10 | 6.9 MEDIUM | N/A |
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions. | |||||
CVE-2008-2365 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop | 2023-12-10 | 4.7 MEDIUM | N/A |
Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a long series of PTRACE_ATTACH ptrace calls to another user's process that trigger a conflict between utrace_detach and report_quiescent, related to "late ptrace_may_attach() check" and "race around &dead_engine_ops setting," a different vulnerability than CVE-2007-0771 and CVE-2008-1514. NOTE: this issue might only affect kernel versions before 2.6.16.x. | |||||
CVE-2008-6598 | 1 Sangoma | 1 Wanpipe | 2023-12-10 | 10.0 HIGH | N/A |
Multiple race conditions in WANPIPE before 3.3.6 have unknown impact and attack vectors related to "bri restart logic." | |||||
CVE-2009-0875 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 6.9 MEDIUM | N/A |
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server. | |||||
CVE-2008-2958 | 1 Checkinstall | 1 Checkinstall | 2023-12-10 | 4.4 MEDIUM | N/A |
Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working directories. | |||||
CVE-2009-2724 | 1 Sun | 1 Java Se | 2023-12-10 | 9.3 HIGH | N/A |
Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks." | |||||
CVE-2008-1375 | 6 Canonical, Debian, Fedoraproject and 3 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2023-12-10 | 6.9 MEDIUM | N/A |
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors. | |||||
CVE-2008-4229 | 1 Apple | 2 Iphone Os, Ipod Touch | 2023-12-10 | 3.7 LOW | N/A |
Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the device from a backup. | |||||
CVE-2008-1570 | 1 Policyd-weight | 1 Policyd-weight | 2023-12-10 | 6.9 MEDIUM | N/A |
Race condition in the create_lockpath function in policyd-weight 0.1.14 beta-16 allows local users to modify or delete arbitrary files by creating the LOCKPATH directory, then modifying it after the symbolic link check occurs. NOTE: this is due to an incomplete fix for CVE-2008-1569. | |||||
CVE-2008-1684 | 1 Sun | 1 Solaris | 2023-12-10 | 4.7 MEDIUM | N/A |
inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file. | |||||
CVE-2008-0059 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 5.8 MEDIUM | N/A |
Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic." | |||||
CVE-2009-3447 | 1 Radactive | 1 I-load | 2023-12-10 | 6.8 MEDIUM | N/A |
Unrestricted file upload vulnerability in RADactive I-Load before 2008.2.5.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, and then sending a request for a predictable filename during a short time window. | |||||
CVE-2008-2418 | 1 Sun | 1 Solaris | 2023-12-10 | 4.7 MEDIUM | N/A |
Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. | |||||
CVE-2008-2538 | 1 Sun | 1 Solaris | 2023-12-10 | 6.9 MEDIUM | N/A |
Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors. | |||||
CVE-2009-4129 | 1 Mozilla | 1 Firefox | 2023-12-10 | 5.8 MEDIUM | N/A |
Race condition in Mozilla Firefox allows remote attackers to produce a JavaScript message with a spoofed domain association by writing the message in between the document request and document load for a web page in a different domain. | |||||
CVE-2009-3527 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 6.9 MEDIUM | N/A |
Race condition in the Pipe (IPC) close function in FreeBSD 6.3 and 6.4 allows local users to cause a denial of service (crash) or gain privileges via vectors related to kqueues, which triggers a use after free, leading to a NULL pointer dereference or memory corruption. | |||||
CVE-2009-1527 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 6.9 MEDIUM | N/A |
Race condition in the ptrace_attach function in kernel/ptrace.c in the Linux kernel before 2.6.30-rc4 allows local users to gain privileges via a PTRACE_ATTACH ptrace call during an exec system call that is launching a setuid application, related to locking an incorrect cred_exec_mutex object. | |||||
CVE-2008-5009 | 1 Sun | 2 Solstice X.25, Sunos | 2023-12-10 | 4.0 MEDIUM | N/A |
Race condition in the s_xout kernel module in Sun Solstice X.25 9.2, when running on a multiple CPU machine, allows local users to cause a denial of service (panic) via vectors involving reading the /dev/xty file. |