Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
race condition vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-13216
In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to insufficient locking when accessing asma. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not ...
Google Android -
1 EDB exploit
5.9
CVSSv3
CVE-2017-11353
yadm (yet another dotfile manager) 1.10.0 has a race condition (related to the behavior of git commands in setting permissions for new files and directories), which potentially allows access to SSH and PGP keys.
Yadm Project Yadm 1.10.0
8.1
CVSSv3
CVE-2021-26569
Race Condition within a Thread vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via crafted web requests.
Synology Diskstation Manager
NA
CVE-2014-4703
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.
Nagios Nagios 2.0.2
1 EDB exploit
NA
CVE-2020-10708
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
7.8
CVSSv3
CVE-2021-44731
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local malicious user to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing sna...
Canonical Snapd
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.10
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
5.9
CVSSv3
CVE-2017-14955
Check_MK prior to 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote malicious users to obtain sensitive user information by reading a GUI crash report.
Tribe29 Checkmk 1.2.8
Tribe29 Checkmk 1.2.3
Tribe29 Checkmk 1.2.4
Tribe29 Checkmk 1.2.5
Tribe29 Checkmk 1.2.6
Tribe29 Checkmk 1.2.7
1 EDB exploit
NA
CVE-2013-4393
journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor.
Systemd Project Systemd
7
CVSSv3
CVE-2015-8239
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.
Sudo Project Sudo 1.8.15
Sudo Project Sudo 1.8.14
Sudo Project Sudo 1.8.13
Sudo Project Sudo 1.8.12
Sudo Project Sudo 1.8.11
Sudo Project Sudo 1.8.10
Sudo Project Sudo 1.8.9
Sudo Project Sudo 1.8.8
1 Github repository
NA
CVE-2010-0436
Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 up to and including 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socke...
Kde Kde Sc 4.4.1
Kde Kde Sc 4.2.2
Kde Kde Sc 4.4.2
Kde Kde Sc 2.2.0
Kde Kde Sc 4.1.2
Kde Kde Sc 4.4.0
Kde Kde Sc 4.3.5
Kde Kde Sc 4.3.0
Kde Kde Sc 4.3.1
Kde Kde Sc 4.3.4
Kde Kde Sc 3.5.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »