Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
race condition vulnerabilities and exploits
(subscribe to this query)
6.6
CVSSv3
CVE-2021-3054
A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue impacts: PAN-OS 8.1 version...
Paloaltonetworks Pan-os
7.5
CVSSv3
CVE-2004-0174
Apache 1.4.x prior to 1.3.30, and 2.0.x prior to 2.0.49, when using multiple listening sockets on certain platforms, allows remote malicious users to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket."...
Apache Http Server
NA
CVE-2006-0058
Signal handler race condition in Sendmail 8.13.x prior to 8.13.6 allows remote malicious users to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.
Sendmail Sendmail 8.13.4
Sendmail Sendmail 8.13.1
Sendmail Sendmail 8.13.5
Sendmail Sendmail 8.13.0
Sendmail Sendmail 8.13.3
Sendmail Sendmail 8.13.2
1 EDB exploit
8.1
CVSSv3
CVE-2023-32250
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can le...
Linux Linux Kernel
Netapp Hci -
Netapp Hci Storage Nodes -
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H410s -
7.8
CVSSv3
CVE-2019-0836
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0841...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 1703
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows 10 1709
Microsoft Windows Server 2016 1709
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 8.1 -
1 EDB exploit
1 Article
NA
CVE-2010-0825
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.
Gnu Emacs 22.1
Gnu Emacs 23.1
Gnu Emacs 22.3
Gnu Emacs 22.2
7.8
CVSSv3
CVE-2023-36732
Win32k Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 22h2
Microsoft Windows 10 1809
Microsoft Windows 10 21h2
Microsoft Windows 10 1507
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 1607
7.8
CVSSv3
CVE-2024-26592
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix UAF issue in ksmbd_tcp_new_connection() The race is between the handling of a new TCP connection and its disconnection. It leads to UAF on `struct tcp_transport` in ksmbd_tcp_new_connection() function.
Linux Linux Kernel
6.3
CVSSv3
CVE-2020-28049
An issue exists in SDDM prior to 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display ...
Sddm Project Sddm
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
NA
CVE-2001-0095
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.
Sun Sunos 5.7
Sun Sunos 5.8
4 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »