Export limit exceeded: 14110 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (3654 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-25394 | 1 Getvideostream | 1 Videostream | 2025-01-23 | 7 High |
| Videostream macOS app 0.5.0 and 0.4.3 has a Race Condition. The Updater privileged script attempts to update Videostream every 5 hours. | ||||
| CVE-2023-28308 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28307 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28306 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28278 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28273 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 6 more | 2025-01-23 | 7 High |
| Windows Clip Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-28232 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-23 | 7.5 High |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2023-28305 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-2839 | 1 Gpac | 1 Gpac | 2025-01-21 | 7.5 High |
| Divide By Zero in GitHub repository gpac/gpac prior to 2.2.2. | ||||
| CVE-2023-31225 | 1 Huawei | 1 Emui | 2025-01-16 | 3.3 Low |
| The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product availability. | ||||
| CVE-2023-28320 | 3 Apple, Haxx, Netapp | 12 Macos, Curl, Clustered Data Ontap and 9 more | 2025-01-15 | 5.9 Medium |
| A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave. | ||||
| CVE-2021-26569 | 1 Synology | 1 Diskstation Manager | 2025-01-14 | 9.8 Critical |
| Race Condition within a Thread vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via crafted web requests. | ||||
| CVE-2024-54102 | 1 Huawei | 1 Harmonyos | 2025-01-14 | 6.1 Medium |
| Race condition vulnerability in the DDR module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-54122 | 1 Huawei | 1 Harmonyos | 2025-01-14 | 6.2 Medium |
| Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2023-30571 | 1 Libarchive | 1 Libarchive | 2025-01-14 | 3.9 Low |
| Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask() call inside archive_write_disk_posix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race condition could lead to implicit directory creation with permissions 0777 (without the sticky bit), which means that any low-privileged local user can delete and rename files inside those directories. | ||||
| CVE-2022-47525 | 1 Fox-it | 2 Fox Datadiode, Fox Datadiode Firmware | 2025-01-14 | 7.5 High |
| Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a Divide-by-Zero vulnerability in the packet parser. A remote attacker could leverage this vulnerability to cause a denial-of-service. Exploitation of this issue does not require user interaction. | ||||
| CVE-2024-56441 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-13 | 4.1 Medium |
| Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-54120 | 1 Huawei | 1 Harmonyos | 2025-01-13 | 4.1 Medium |
| Race condition vulnerability in the distributed notification module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | ||||
| CVE-2023-33974 | 1 Riot-os | 1 Riot | 2025-01-10 | 7.5 High |
| RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. In versions 2023.01 and prior, an attacker can send multiple crafted frames to the device to trigger a race condition. The race condition invalidates assumptions about the program state and leads to an invalid memory access resulting in denial of service. This issue is patched in pull request 19679. There are no known workarounds. | ||||
| CVE-2023-29537 | 1 Mozilla | 2 Firefox, Focus | 2025-01-09 | 7.5 High |
| Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112. | ||||