Export limit exceeded: 351640 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (3808 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-0245 | 2 Freedesktop, Opensuse | 2 Dbus, Opensuse | 2025-04-12 | N/A |
| D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condition involving sending an ActivationFailure signal before systemd responds. | ||||
| CVE-2015-0295 | 3 Digia, Fedoraproject, Opensuse | 3 Qt, Fedora, Opensuse | 2025-04-12 | N/A |
| The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file. | ||||
| CVE-2015-1099 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2025-04-12 | N/A |
| Race condition in the setreuid system-call implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service via a crafted app. | ||||
| CVE-2015-1200 | 1 Pxz Project | 1 Pxz | 2025-04-12 | N/A |
| Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for the output file when compressing a file before changing the permission to match the original file, which allows local users to bypass the intended access restrictions. | ||||
| CVE-2015-1234 | 5 Apple, Google, Linux and 2 more | 5 Macos, Chrome, Linux Kernel and 2 more | 2025-04-12 | N/A |
| Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact by manipulating OpenGL ES commands. | ||||
| CVE-2015-1882 | 1 Ibm | 1 Websphere Application Server | 2025-04-12 | N/A |
| Multiple race conditions in IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 allow remote authenticated users to gain privileges by leveraging thread conflicts that result in Java code execution outside the context of the configured EJB Run-as user. | ||||
| CVE-2015-2418 | 1 Microsoft | 1 Malicious Software Removal Tool | 2025-04-12 | N/A |
| Race condition in Microsoft Malicious Software Removal Tool (MSRT) before 5.26 allows local users to gain privileges via a crafted DLL, aka "MSRT Race Condition Vulnerability." | ||||
| CVE-2015-3081 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2025-04-12 | N/A |
| Race condition in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to bypass the Internet Explorer Protected Mode protection mechanism via unspecified vectors. | ||||
| CVE-2015-3709 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Race condition in kext tools in Apple OS X before 10.10.4 allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation. | ||||
| CVE-2015-4170 | 2 Linux, Redhat | 9 Linux Kernel, Enterprise Linux, Enterprise Linux Compute Node Eus and 6 more | 2025-04-12 | N/A |
| Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread during shutdown of a previous tty thread. | ||||
| CVE-2015-4199 | 1 Cisco | 1 Ios | 2025-04-12 | N/A |
| Race condition in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routing Engine (PRE) module on UBR devices allows remote attackers to cause a denial of service (NULL pointer free and module crash) by triggering intermittent connectivity with many IPv6 CPE devices, aka Bug ID CSCug47366. | ||||
| CVE-2015-4203 | 1 Cisco | 2 Ios, Ubr10000 Cable Modem Termination System | 2025-04-12 | N/A |
| Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR10000 devices, when NetFlow and an MPLS IPv6 VPN are configured, allows remote attackers to cause a denial of service (PXF process crash) by sending malformed MPLS 6VPE packets quickly, aka Bug ID CSCud83396. | ||||
| CVE-2015-5240 | 2 Openstack, Redhat | 2 Neutron, Openstack | 2025-04-12 | N/A |
| Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group rules are applied. | ||||
| CVE-2015-7312 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2025-04-12 | 4.0 Medium |
| Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to mm/madvise.c and mm/msync.c. | ||||
| CVE-2015-7496 | 3 Fedoraproject, Gnome, Redhat | 3 Fedora, Gnome Display Manager, Enterprise Linux | 2025-04-12 | N/A |
| GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key. | ||||
| CVE-2015-7513 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2025-04-12 | 6.5 Medium |
| arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions. | ||||
| CVE-2015-7817 | 2 Ibm, Lenovo | 2 System Networking Switch Center, Switch Center | 2025-04-12 | N/A |
| Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide FileReader.jsp input containing directory traversal sequences to read arbitrary text files, via a request to port 40080 or 40443. | ||||
| CVE-2015-7820 | 2 Ibm, Lenovo | 2 System Networking Switch Center, Switch Center | 2025-04-12 | N/A |
| Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide ZipDownload.jsp input containing directory traversal sequences to read arbitrary files, via a request to port 40080 or 40443. | ||||
| CVE-2015-7990 | 1 Linux | 1 Linux Kernel | 2025-04-12 | N/A |
| Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937. | ||||
| CVE-2015-8461 | 1 Isc | 1 Bind | 2025-04-12 | N/A |
| Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors. | ||||