Total
1933 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1262 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-11 | 4.9 MEDIUM | N/A |
| Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016. | |||||
| CVE-2013-5164 | 1 Apple | 1 Iphone Os | 2025-04-11 | 3.3 LOW | N/A |
| Multiple race conditions in the Phone app in Apple iOS before 7.0.3 allow physically proximate attackers to bypass the locked state, and dial the telephone numbers in arbitrary Contacts entries, by visiting the Contacts pane. | |||||
| CVE-2012-3868 | 1 Isc | 1 Bind | 2025-04-11 | 4.3 MEDIUM | N/A |
| Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries. | |||||
| CVE-2010-5168 | 2 Microsoft, Symantec | 2 Windows Xp, Norton Internet Security 2010 | 2025-04-11 | 6.2 MEDIUM | N/A |
| Race condition in Symantec Norton Internet Security 2010 17.5.0.127 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute | |||||
| CVE-2011-3961 | 1 Google | 1 Chrome | 2025-04-11 | 9.3 HIGH | N/A |
| Race condition in Google Chrome before 17.0.963.46 allows remote attackers to execute arbitrary code via vectors that trigger a crash of a utility process. | |||||
| CVE-2011-1833 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 3.3 LOW | N/A |
| Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid. | |||||
| CVE-2013-1251 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-11 | 4.9 MEDIUM | N/A |
| Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016. | |||||
| CVE-2012-2373 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.0 MEDIUM | N/A |
| The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition. | |||||
| CVE-2012-0649 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | 6.9 MEDIUM | N/A |
| Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 allows local users to gain privileges via vectors involving a temporary file. | |||||
| CVE-2010-5162 | 2 Gdata, Microsoft | 2 Totalcare 2010, Windows Xp | 2025-04-11 | 6.2 MEDIUM | N/A |
| Race condition in G DATA TotalCare 2010 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute | |||||
| CVE-2013-1256 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-11 | 4.9 MEDIUM | N/A |
| Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016. | |||||
| CVE-2010-2961 | 1 Scott James Remnant | 1 Mountall | 2025-04-11 | 6.9 MEDIUM | N/A |
| mountall.c in mountall before 2.15.2 uses 0666 permissions for the root.rules file, which allows local users to gain privileges by modifying this file. | |||||
| CVE-2012-3483 | 1 Google | 1 Tunnelblick | 2025-04-11 | 6.2 MEDIUM | N/A |
| Race condition in the runScript function in Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by replacing a script file. | |||||
| CVE-2012-3386 | 1 Gnu | 1 Automake | 2025-04-11 | 4.4 MEDIUM | N/A |
| The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors. | |||||
| CVE-2013-0893 | 5 Apple, Google, Linux and 2 more | 5 Mac Os X, Chrome, Linux Kernel and 2 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Race condition in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media. | |||||
| CVE-2010-4012 | 1 Apple | 1 Iphone Os | 2025-04-11 | 6.2 MEDIUM | N/A |
| Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button. | |||||
| CVE-2010-5184 | 2 Checkpoint, Microsoft | 2 Zonealarm Extreme Security, Windows Xp | 2025-04-11 | 6.2 MEDIUM | N/A |
| Race condition in ZoneAlarm Extreme Security 9.1.507.000 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute | |||||
| CVE-2011-2183 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.0 MEDIUM | N/A |
| Race condition in the scan_get_next_rmap_item function in mm/ksm.c in the Linux kernel before 2.6.39.3, when Kernel SamePage Merging (KSM) is enabled, allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted application. | |||||
| CVE-2011-1485 | 1 Redhat | 1 Policykit | 2025-04-11 | 6.9 MEDIUM | N/A |
| Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID. | |||||
| CVE-2010-5169 | 2 Emisoft, Microsoft | 2 Online Armor, Windows Xp | 2025-04-11 | 6.2 MEDIUM | 7.0 HIGH |
| Race condition in Online Armor Premium 4.0.0.35 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute | |||||