| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file. |
| Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext. |
| Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via a symlink attack on the imwheel.pid file. |
| Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete. |
| Opera offers an Open button to verify that a user wishes to execute a downloaded file, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking Open via a request for a different mouse or keyboard action very shortly before the Open dialog appears. NOTE: this is a different issue than CVE-2005-2407. |
| Race condition in BEA WebLogic Server and Express 5.1 through 7.0.0.1, when using in-memory session replication or replicated stateful session beans, causes the same buffer to be provided to two users, which could allow one user to see session data that was intended for another user. |
| The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002. |
| Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking an object or pressing keys that are actually applied to a "Yes" approval for executing the control. |
| A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks. |
| Race condition in Microsoft Internet Explorer allows user-assisted attackers to overwrite arbitrary files and possibly execute code by tricking a user into performing a drag-and-drop action from certain objects, such as file objects within a folder view, then predicting the drag action, and re-focusing to a malicious window. |
| Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452. |
| Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-read in IPT_ENTRY_ITERATE. |
| Race condition in Deja Vu, as used in Roxio Toast Titanium 7 and possibly other products, allows local users to execute arbitrary code via temporary files, including dejavu_manual.rb, which are executed with raised privileges. |
| A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the ggufPadding function, causing the server to crash and resulting in a Denial of Service (DoS) attack. |
| An arbitrary file download vulnerability exists in the rpc_agent_client component of modelscope/agentscope version v0.0.4. This vulnerability allows any user to download any file from the rpc_agent's host by exploiting the download_file method. This can lead to unauthorized access to sensitive information, including configuration files, credentials, and potentially system files, which may facilitate further exploitation such as privilege escalation or lateral movement within the network. |
| When manipulating the selection node cache, an attacker may have been able to cause unexpected behavior, potentially leading to an exploitable crash. This vulnerability affects Firefox < 131.0.3. |
| Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. |
| In removePersistentDot of SystemStatusAnimationSchedulerImpl.kt, there is a possible race condition due to a logic error in the code. This could lead to local escalation of privilege that fails to remove the persistent dot with no additional execution privileges needed. User interaction is not needed for exploitation. |
| WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently useless. |
| A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability. |
