Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
race condition vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2017-11353
yadm (yet another dotfile manager) 1.10.0 has a race condition (related to the behavior of git commands in setting permissions for new files and directories), which potentially allows access to SSH and PGP keys.
Yadm Project Yadm 1.10.0
NA
CVE-2014-4703
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.
Nagios Nagios 2.0.2
1 EDB exploit
NA
CVE-2004-2014
Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded.
Gnu Wget 1.6
Gnu Wget 1.7
Gnu Wget 1.5.3
Gnu Wget 1.9
Gnu Wget 1.9.1
Gnu Wget 1.8.1
Gnu Wget 1.8.2
Gnu Wget 1.7.1
Gnu Wget 1.8
1 EDB exploit
7.8
CVSSv3
CVE-2017-13216
In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to insufficient locking when accessing asma. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not ...
Google Android -
1 EDB exploit
7.8
CVSSv3
CVE-2021-44731
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local malicious user to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing sna...
Canonical Snapd
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.10
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
NA
CVE-2020-10708
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
5.9
CVSSv3
CVE-2017-14955
Check_MK prior to 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote malicious users to obtain sensitive user information by reading a GUI crash report.
Tribe29 Checkmk 1.2.5
Tribe29 Checkmk 1.2.6
Tribe29 Checkmk 1.2.7
Tribe29 Checkmk 1.2.3
Tribe29 Checkmk 1.2.8
Tribe29 Checkmk 1.2.4
1 EDB exploit
6.6
CVSSv3
CVE-2021-3054
A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue impacts: PAN-OS 8.1 version...
Paloaltonetworks Pan-os
NA
CVE-2010-0436
Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 up to and including 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socke...
Kde Kde Sc 4.3.4
Kde Kde Sc 4.3.0
Kde Kde Sc 4.2.2
Kde Kde Sc 4.4.1
Kde Kde Sc 4.3.5
Kde Kde Sc 4.3.1
Kde Kde Sc 4.4.0
Kde Kde Sc 4.4.2
Kde Kde Sc 4.1.2
Kde Kde Sc 3.5.10
Kde Kde Sc 2.2.0
NA
CVE-2013-4393
journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor.
Systemd Project Systemd
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »