Total
1495 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-27019 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-06-16 | N/A | 4.7 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with __nft_obj_type_get(), and there is not any protection when iterate over nf_tables_objects list in __nft_obj_type_get(). Therefore, there is potential data-race of nf_tables_objects list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_objects list in __nft_obj_type_get(), and use rcu_read_lock() in the caller nft_obj_type_get() to protect the entire type query process. | |||||
| CVE-2024-35255 | 2024-06-13 | N/A | 5.5 MEDIUM | ||
| Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability | |||||
| CVE-2023-26980 | 1 Pax | 2 A920 Pro, Paydroid | 2024-06-11 | N/A | 7.0 HIGH |
| PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot process. NOTE: the vendor disputes this because the attack is not feasible: the home launcher will be loaded before any user applications. | |||||
| CVE-2019-18683 | 6 Broadcom, Canonical, Debian and 3 more | 23 Fabric Operating System, Ubuntu Linux, Debian Linux and 20 more | 2024-06-07 | 6.9 MEDIUM | 7.0 HIGH |
| An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free. | |||||
| CVE-2024-3979 | 2024-06-06 | 3.2 LOW | 4.4 MEDIUM | ||
| A vulnerability, which was classified as problematic, has been found in COVESA vsomeip up to 3.4.10. Affected by this issue is some unknown functionality. The manipulation leads to race condition. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-261596. | |||||
| CVE-2024-28999 | 1 Solarwinds | 1 Solarwinds Platform | 2024-06-06 | N/A | 8.1 HIGH |
| The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console. | |||||
| CVE-2010-5160 | 2 Eset, Microsoft | 2 Smart Security, Windows Xp | 2024-06-04 | 6.2 MEDIUM | N/A |
| Race condition in ESET Smart Security 4.2.35.3 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute | |||||
| CVE-2023-24861 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-05-29 | N/A | 7.0 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability | |||||
| CVE-2023-23407 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-05-29 | N/A | 7.1 HIGH |
| Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability | |||||
| CVE-2023-23404 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-05-29 | N/A | 8.1 HIGH |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-23393 | 1 Microsoft | 8 Windows 10 1809, Windows 10 20h2, Windows 10 21h2 and 5 more | 2024-05-29 | N/A | 7.0 HIGH |
| Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability | |||||
| CVE-2023-35362 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2024-05-29 | N/A | 7.8 HIGH |
| Windows Clip Service Elevation of Privilege Vulnerability | |||||
| CVE-2023-35361 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2024-05-29 | N/A | 7.0 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2023-35360 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2024-05-29 | N/A | 7.0 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2023-35351 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-05-29 | N/A | 6.6 MEDIUM |
| Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | |||||
| CVE-2023-35346 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-05-29 | N/A | 6.6 MEDIUM |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2023-35310 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-05-29 | N/A | 6.6 MEDIUM |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2023-35309 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-05-29 | N/A | 7.5 HIGH |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
| CVE-2023-33170 | 2 Fedoraproject, Microsoft | 3 Fedora, .net, Visual Studio 2022 | 2024-05-29 | N/A | 8.1 HIGH |
| ASP.NET and Visual Studio Security Feature Bypass Vulnerability | |||||
| CVE-2023-21771 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server 2022 | 2024-05-29 | N/A | 7.0 HIGH |
| Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability | |||||