Total
1264 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-0245 | 1 Redhat | 1 Jboss Portal | 2020-01-14 | 4.3 MEDIUM | 5.9 MEDIUM |
| It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain privileged information if WS-Security is enabled for the WSRP Consumer, and the endpoint in question is being used by a privileged user. This affects JBoss Portal 6.2.0. | |||||
| CVE-2019-19580 | 2 Fedoraproject, Xen | 2 Fedora, Xen | 2020-01-03 | 6.0 MEDIUM | 6.6 MEDIUM |
| An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an incomplete fix for CVE-2019-18421. XSA-299 addressed several critical issues in restartable PV type change operations. Despite extensive testing and auditing, some corner cases were missed. A malicious PV guest administrator may be able to escalate their privilege to that of the host. All security-supported versions of Xen are vulnerable. Only x86 systems are affected. Arm systems are not affected. Only x86 PV guests can leverage the vulnerability. x86 HVM and PVH guests cannot leverage the vulnerability. Note that these attacks require very precise timing, which may be difficult to exploit in practice. | |||||
| CVE-2019-11090 | 1 Intel | 3 Platform Trust Technology Firmware, Server Platform Services Firmware, Trusted Execution Engine Firmware | 2020-01-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before versions SPS_E5_04.01.04.305.0, SPS_SoC-X_04.00.04.108.0, SPS_SoC-A_04.00.04.191.0, SPS_E3_04.01.04.086.0, SPS_E3_04.08.04.047.0 may allow an unauthenticated user to potentially enable information disclosure via network access. | |||||
| CVE-2019-8757 | 1 Apple | 1 Mac Os X | 2019-12-26 | 1.9 LOW | 2.5 LOW |
| A race condition existed when reading and writing user preferences. This was addressed with improved state handling. This issue is fixed in macOS Catalina 10.15. The "Share Mac Analytics" setting may not be disabled when a user deselects the switch to share analytics. | |||||
| CVE-2019-8606 | 1 Apple | 1 Mac Os X | 2019-12-23 | 6.9 MEDIUM | 7.0 HIGH |
| A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.5. A local user may be able to load unsigned kernel extensions. | |||||
| CVE-2019-6232 | 1 Apple | 1 Icloud | 2019-12-21 | 7.6 HIGH | 7.5 HIGH |
| A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution. | |||||
| CVE-2019-6236 | 1 Apple | 1 Icloud | 2019-12-21 | 7.6 HIGH | 7.5 HIGH |
| A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud installer in an untrusted directory may result in arbitrary code execution. | |||||
| CVE-2019-8565 | 1 Apple | 2 Iphone Os, Mac Os X | 2019-12-20 | 7.6 HIGH | 7.0 HIGH |
| A race condition was addressed with additional validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to gain root privileges. | |||||
| CVE-2014-3701 | 1 Redhat | 2 Edeploy, Jboss Enterprise Web Server | 2019-12-19 | 9.3 HIGH | 8.1 HIGH |
| eDeploy has tmp file race condition flaws | |||||
| CVE-2019-19017 | 1 Titanhq | 1 Webtitan | 2019-12-09 | 9.3 HIGH | 8.1 HIGH |
| An issue was discovered in TitanHQ WebTitan before 5.18. The appliance has a hard-coded root password set during installation. An attacker could utilize this to gain root privileges on the system. | |||||
| CVE-2014-5254 | 1 Xcfa Project | 1 Xcfa | 2019-11-26 | 3.3 LOW | 4.7 MEDIUM |
| xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. | |||||
| CVE-2016-1000236 | 2 Cookie-signature Project, Debian | 2 Cookie-signature, Debian Linux | 2019-11-21 | 3.5 LOW | 4.4 MEDIUM |
| Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used. | |||||
| CVE-2019-18421 | 1 Xen | 1 Xen | 2019-11-14 | 7.1 HIGH | 7.5 HIGH |
| An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables for PV guests, Xen exposes the actual hardware pagetables to the guest. In order to prevent the guest from modifying these page tables directly, Xen keeps track of how pages are used using a type system; pages must be "promoted" before being used as a pagetable, and "demoted" before being used for any other type. Xen also allows for "recursive" promotions: i.e., an operating system promoting a page to an L4 pagetable may end up causing pages to be promoted to L3s, which may in turn cause pages to be promoted to L2s, and so on. These operations may take an arbitrarily large amount of time, and so must be re-startable. Unfortunately, making recursive pagetable promotion and demotion operations restartable is incredibly complicated, and the code contains several races which, if triggered, can cause Xen to drop or retain extra type counts, potentially allowing guests to get write access to in-use pagetables. A malicious PV guest administrator may be able to escalate their privilege to that of the host. All x86 systems with untrusted PV guests are vulnerable. HVM and PVH guests cannot exercise this vulnerability. | |||||
| CVE-2009-4011 | 1 Dtc-xen Project | 1 Dtc-xen | 2019-11-12 | 6.8 MEDIUM | 8.1 HIGH |
| dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get a bash access as xenXX user on the dom0, and then access a potentially reuse an already opened VPS console. | |||||
| CVE-2019-18684 | 1 Sudo Project | 1 Sudo | 2019-11-08 | 6.9 MEDIUM | 7.0 HIGH |
| ** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write "ALL ALL=(ALL) NOPASSWD:ALL" to /proc/#####/fd/3 at a time when Sudo is prompting for a password. NOTE: This has been disputed due to the way Linux /proc works. It has been argued that writing to /proc/#####/fd/3 would only be viable if you had permission to write to /etc/sudoers. Even with write permission to /proc/#####/fd/3, it would not help you write to /etc/sudoers. | |||||
| CVE-2005-2352 | 1 Gs-gpl Project | 1 Gs-gpl | 2019-11-06 | 6.8 MEDIUM | 8.1 HIGH |
| I race condition in Temp files was found in gs-gpl before 8.56 addons scripts. | |||||
| CVE-2010-3493 | 1 Python | 1 Python | 2019-10-25 | 4.3 MEDIUM | N/A |
| Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492. | |||||
| CVE-2019-14810 | 1 Arista | 10 7020r, 7280e, 7280r and 7 more | 2019-10-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| A vulnerability has been found in the implementation of the Label Distribution Protocol (LDP) protocol in EOS. Under race conditions, the LDP agent can establish an LDP session with a malicious peer potentially allowing the possibility of a Denial of Service (DoS) attack on route updates and in turn potentially leading to an Out of Memory (OOM) condition that is disruptive to traffic forwarding. Affected EOS versions include: 4.22 release train: 4.22.1F and earlier releases 4.21 release train: 4.21.0F - 4.21.2.3F, 4.21.3F - 4.21.7.1M 4.20 release train: 4.20.14M and earlier releases 4.19 release train: 4.19.12M and earlier releases End of support release trains (4.18 and 4.17) | |||||
| CVE-2017-14955 | 1 Tribe29 | 1 Checkmk | 2019-10-17 | 4.3 MEDIUM | 5.9 MEDIUM |
| Check_MK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to obtain sensitive user information by reading a GUI crash report. | |||||
| CVE-2016-10906 | 1 Linux | 1 Linux Kernel | 2019-10-15 | 4.4 MEDIUM | 7.0 HIGH |
| An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean. | |||||