Total
1795 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-39679 | 1 Google | 1 Android | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| In init of vendor_graphicbuffer_meta.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188745089References: N/A | |||||
| CVE-2021-39648 | 1 Google | 1 Android | 2024-11-21 | 1.9 LOW | 4.1 MEDIUM |
| In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-160822094References: Upstream kernel | |||||
| CVE-2021-39642 | 1 Google | 1 Android | 2024-11-21 | 4.4 MEDIUM | 6.4 MEDIUM |
| In synchronous_process_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195731663References: N/A | |||||
| CVE-2021-39629 | 1 Google | 1 Android | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-197353344 | |||||
| CVE-2021-38587 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586). | |||||
| CVE-2021-38191 | 1 Tokio | 1 Tokio | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the tokio crate before 1.8.1 for Rust. Upon a JoinHandle::abort, a Task may be dropped in the wrong thread. | |||||
| CVE-2021-37991 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | 5.1 MEDIUM | 7.5 HIGH |
| Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-37134 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components. | |||||
| CVE-2021-37085 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 7.1 HIGH | 5.9 MEDIUM |
| There is a Encoding timing vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of service. | |||||
| CVE-2021-37082 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to motionhub crash. | |||||
| CVE-2021-37074 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation. | |||||
| CVE-2021-37073 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 4.3 MEDIUM | 3.7 LOW |
| There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the detection result is tampered with. | |||||
| CVE-2021-37069 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
| There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. | |||||
| CVE-2021-36994 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 4.3 MEDIUM | 3.7 LOW |
| There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause exceptions when managing the system trustlist. | |||||
| CVE-2021-36987 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.1 HIGH | 5.9 MEDIUM |
| There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause the system to restart. | |||||
| CVE-2021-36808 | 1 Sophos | 1 Sophos Secure Workspace | 2024-11-21 | 4.4 MEDIUM | 5.9 MEDIUM |
| A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115. | |||||
| CVE-2021-36221 | 5 Debian, Fedoraproject, Golang and 2 more | 6 Debian Linux, Fedora, Go and 3 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort. | |||||
| CVE-2021-36181 | 1 Fortinet | 1 Fortiportal | 2024-11-21 | 3.5 LOW | 3.1 LOW |
| A concurrent execution using shared resource with improper Synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific coordination of web requests. | |||||
| CVE-2021-35494 | 1 Tibco | 1 Jasperreports Server | 2024-11-21 | 3.5 LOW | 5.7 MEDIUM |
| The Rest API component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveMatrix BPM, and TIBCO JasperReports Server for Microsoft Azure contain a race condition that allows a low privileged authenticated attacker via the REST API to obtain read access to temporary objects created by other users on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Server: versions 7.2.1 and below, TIBCO JasperReports Server: versions 7.5.0 and 7.5.1, TIBCO JasperReports Server: version 7.8.0, TIBCO JasperReports Server: version 7.9.0, TIBCO JasperReports Server - Community Edition: versions 7.8.0 and below, TIBCO JasperReports Server - Developer Edition: versions 7.9.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 7.9.0 and below, TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.9.0 and below, and TIBCO JasperReports Server for Microsoft Azure: version 7.8.0. | |||||
| CVE-2021-34462 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.0 HIGH |
| Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | |||||