Total
1495 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-15706 | 7 Canonical, Debian, Gnu and 4 more | 14 Ubuntu Linux, Debian Linux, Grub2 and 11 more | 2022-11-16 | 4.4 MEDIUM | 6.4 MEDIUM |
| GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions. | |||||
| CVE-2021-3597 | 2 Netapp, Redhat | 9 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 6 more | 2022-11-10 | 2.6 LOW | 5.9 MEDIUM |
| A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final. | |||||
| CVE-2022-44563 | 1 Huawei | 2 Emui, Harmonyos | 2022-11-10 | N/A | 5.9 MEDIUM |
| There is a race condition vulnerability in SD upgrade mode. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-43980 | 2 Apache, Debian | 2 Tomcat, Debian Linux | 2022-11-10 | N/A | 3.7 LOW |
| The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client. | |||||
| CVE-2022-32895 | 1 Apple | 1 Macos | 2022-11-03 | N/A | 4.7 MEDIUM |
| A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system. | |||||
| CVE-2022-42806 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2022-11-03 | N/A | 7.0 HIGH |
| A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-42803 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-11-03 | N/A | 7.0 HIGH |
| A race condition was addressed with improved locking. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-38191 | 1 Tokio | 1 Tokio | 2022-11-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the tokio crate before 1.8.1 for Rust. Upon a JoinHandle::abort, a Task may be dropped in the wrong thread. | |||||
| CVE-2020-36447 | 1 V9 Project | 1 V9 | 2022-11-03 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the v9 crate through 2020-12-18 for Rust. There is an unconditional implementation of Sync for SyncRef<T>. | |||||
| CVE-2018-20836 | 6 Canonical, Debian, F5 and 3 more | 13 Ubuntu Linux, Debian Linux, Traffix Signaling Delivery Controller and 10 more | 2022-11-03 | 9.3 HIGH | 8.1 HIGH |
| An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free. | |||||
| CVE-2021-45710 | 1 Tokio | 1 Tokio | 2022-11-01 | 5.1 MEDIUM | 8.1 HIGH |
| An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for Rust. In certain circumstances involving a closed oneshot channel, there is a data race and memory corruption. | |||||
| CVE-2022-1462 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2022-10-29 | 3.3 LOW | 6.3 MEDIUM |
| An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory. | |||||
| CVE-2022-27626 | 1 Synology | 4 Diskstation Manager, Ds3622xs\+, Fs3410 and 1 more | 2022-10-21 | N/A | 8.1 HIGH |
| A vulnerability regarding concurrent execution using shared resource with improper synchronization ('Race Condition') is found in the session processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to execute arbitrary commands via unspecified vectors. The following models with Synology DiskStation Manager (DSM) versions before 7.1.1-42962-2 may be affected: DS3622xs+, FS3410, and HD6500. | |||||
| CVE-2022-3566 | 1 Linux | 1 Linux Kernel | 2022-10-20 | N/A | 7.1 HIGH |
| A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assigned to this vulnerability. | |||||
| CVE-2020-29370 | 2 Linux, Netapp | 10 Linux Kernel, Cloud Backup, H410c and 7 more | 2022-10-19 | 4.4 MEDIUM | 7.0 HIGH |
| An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71. | |||||
| CVE-2021-39713 | 2 Debian, Google | 2 Debian Linux, Android | 2022-10-18 | 6.9 MEDIUM | 7.0 HIGH |
| Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel | |||||
| CVE-2021-43566 | 1 Samba | 1 Samba | 2022-10-14 | 1.2 LOW | 2.5 LOW |
| All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. | |||||
| CVE-2021-0696 | 1 Google | 1 Android | 2022-10-13 | N/A | 7.0 HIGH |
| In dllist_remove_node of TBD, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-242344778 | |||||
| CVE-2020-8834 | 4 Canonical, Ibm, Linux and 1 more | 4 Ubuntu Linux, Power8, Linux Kernel and 1 more | 2022-10-07 | 4.9 MEDIUM | 6.5 MEDIUM |
| KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to panic. There were two commits that, according to the reporter, introduced the vulnerability: f024ee098476 ("KVM: PPC: Book3S HV: Pull out TM state save/restore into separate procedures") 87a11bb6a7f7 ("KVM: PPC: Book3S HV: Work around XER[SO] bug in fake suspend mode") The former landed in 4.8, the latter in 4.17. This was fixed without realizing the impact in 4.18 with the following three commits, though it's believed the first is the only strictly necessary commit: 6f597c6b63b6 ("KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm()") 7b0e827c6970 ("KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm") 009c872a8bc4 ("KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file") | |||||
| CVE-2020-29372 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2022-10-06 | 4.7 MEDIUM | 4.7 MEDIUM |
| An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. There is a race condition between coredump operations and the IORING_OP_MADVISE implementation, aka CID-bc0c4d1e176e. | |||||