Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
race condition vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2004-2014
Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded.
Gnu Wget 1.6
Gnu Wget 1.7
Gnu Wget 1.5.3
Gnu Wget 1.9
Gnu Wget 1.9.1
Gnu Wget 1.8.1
Gnu Wget 1.8.2
Gnu Wget 1.7.1
Gnu Wget 1.8
1 EDB exploit
6.8
CVSSv2
CVE-2021-26569
Race Condition within a Thread vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via crafted web requests.
Synology Diskstation Manager
7.2
CVSSv2
CVE-2021-32606
In the Linux kernel 5.11 up to and including 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN ISOTP SF_BROADCAST support.)
Linux Linux Kernel
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
4.3
CVSSv2
CVE-2017-11353
yadm (yet another dotfile manager) 1.10.0 has a race condition (related to the behavior of git commands in setting permissions for new files and directories), which potentially allows access to SSH and PGP keys.
Yadm Project Yadm 1.10.0
8.5
CVSSv2
CVE-2021-3054
A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue impacts: PAN-OS 8.1 version...
Paloaltonetworks Pan-os
4.3
CVSSv2
CVE-2017-14955
Check_MK prior to 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote malicious users to obtain sensitive user information by reading a GUI crash report.
Tribe29 Checkmk 1.2.5
Tribe29 Checkmk 1.2.6
Tribe29 Checkmk 1.2.7
Tribe29 Checkmk 1.2.3
Tribe29 Checkmk 1.2.8
Tribe29 Checkmk 1.2.4
1 EDB exploit
6.9
CVSSv2
CVE-2010-0436
Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 up to and including 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socke...
Kde Kde Sc 4.3.4
Kde Kde Sc 4.3.0
Kde Kde Sc 4.2.2
Kde Kde Sc 4.4.1
Kde Kde Sc 4.3.5
Kde Kde Sc 4.3.1
Kde Kde Sc 4.4.0
Kde Kde Sc 4.4.2
Kde Kde Sc 4.1.2
Kde Kde Sc 3.5.10
Kde Kde Sc 2.2.0
6.9
CVSSv2
CVE-2015-8239
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.
Sudo Project Sudo 1.8.15
Sudo Project Sudo 1.8.14
Sudo Project Sudo 1.8.13
Sudo Project Sudo 1.8.12
Sudo Project Sudo 1.8.10
Sudo Project Sudo 1.8.9
Sudo Project Sudo 1.8.11
Sudo Project Sudo 1.8.8
1 Github repository
2.1
CVSSv2
CVE-2013-4393
journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor.
Systemd Project Systemd
6.9
CVSSv2
CVE-2021-23133
A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) prior to 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element ...
Linux Linux Kernel
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Solidfire \\& Hci Management Node -
Broadcom Brocade Fabric Operating System -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp Solidfire Baseboard Management Controller Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »