Total
1795 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22428 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| There is an Incomplete Cleanup Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. | |||||
| CVE-2021-22427 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. | |||||
| CVE-2021-22384 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. | |||||
| CVE-2021-22378 | 1 Huawei | 2 Ecns280 Td, Ecns280 Td Firmware | 2024-11-21 | 3.5 LOW | 5.3 MEDIUM |
| There is a race condition vulnerability in eCNS280_TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrently. Successful exploit may cause the affected device abnormal. | |||||
| CVE-2021-22340 | 1 Huawei | 2 Manageone, Smc2.0 | 2024-11-21 | 4.7 MEDIUM | 4.1 MEDIUM |
| There is a multiple threads race condition vulnerability in Huawei product. A race condition exists for concurrent I/O read by multiple threads. An attacker with the root permission can exploit this vulnerability by performing some operations. Successful exploitation of this vulnerability may cause the system to crash. Affected product versions include: ManageOne 6.5.1.SPC200, 8.0.0,8.0.0-LCND81, 8.0.0.SPC100, 8.0.1,8.0.RC2, 8.0.RC3, 8.0.RC3.SPC100;SMC2.0 V600R019C10SPC700,V600R019C10SPC702, V600R019C10SPC703,V600R019C10SPC800, V600R019C10SPC900, V600R019C10SPC910, V600R019C10SPC920, V600R019C10SPC921, V600R019C10SPC922, V600R019C10SPC930, V600R019C10SPC931 | |||||
| CVE-2021-22004 | 3 Fedoraproject, Microsoft, Saltstack | 3 Fedora, Windows, Salt | 2024-11-21 | 4.4 MEDIUM | 6.4 MEDIUM |
| An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software. | |||||
| CVE-2021-21165 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-21117 | 1 Google | 1 Chrome | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
| Insufficient policy enforcement in Cryptohome in Google Chrome prior to 88.0.4324.96 allowed a local attacker to perform OS-level privilege escalation via a crafted file. | |||||
| CVE-2021-21005 | 1 Phoenixcontact | 30 Fl Nat Smn 8tx, Fl Nat Smn 8tx-m, Fl Nat Smn 8tx-m Firmware and 27 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards. | |||||
| CVE-2021-20321 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
| A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. | |||||
| CVE-2021-20316 | 3 Debian, Redhat, Samba | 7 Debian Linux, Enterprise Linux, Enterprise Linux Aus and 4 more | 2024-11-21 | N/A | 6.8 MEDIUM |
| A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share. | |||||
| CVE-2021-20261 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 4.4 MEDIUM | 6.4 MEDIUM |
| A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact that the default permissions on the floppy device (/dev/fd0) are restricted to root. If the permissions on the device have changed the impact changes greatly. In the default configuration root (or equivalent) permissions are required to attack this flaw. | |||||
| CVE-2021-20251 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2024-11-21 | N/A | 5.9 MEDIUM |
| A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met. | |||||
| CVE-2021-20181 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 6.9 MEDIUM | 7.5 HIGH |
| A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability. | |||||
| CVE-2021-1958 | 1 Qualcomm | 76 Qca6574a, Qca6574a Firmware, Qca6574au and 73 more | 2024-11-21 | 4.4 MEDIUM | 6.7 MEDIUM |
| A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free scenario in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2021-1900 | 1 Qualcomm | 180 Apq8009, Apq8009 Firmware, Apq8009w and 177 more | 2024-11-21 | 4.4 MEDIUM | 8.4 HIGH |
| Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-1884 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. A remote attacker may be able to cause a denial of service. | |||||
| CVE-2021-1806 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.6 HIGH | 7.0 HIGH |
| A race condition was addressed with additional validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-1061 | 5 Citrix, Nutanix, Nvidia and 2 more | 5 Hypervisor, Ahv, Virtual Gpu Manager and 2 more | 2024-11-21 | 3.3 LOW | 6.3 MEDIUM |
| NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously validated resource that has since changed, which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). | |||||
| CVE-2021-0955 | 1 Google | 1 Android | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-192085766 | |||||