Total
1978 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-34724 | 2 Google, Imaginationtech | 2 Android, Powervr-gpu | 2024-12-17 | 7 High |
| In _UnrefAndMaybeDestroy of pmr.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-34725 | 1 Google | 1 Android | 2024-12-17 | 7.0 High |
| In DevmemIntUnexportCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-34731 | 1 Google | 1 Android | 2024-12-17 | 7.7 High |
| In multiple functions of TranscodingResourcePolicy.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-54494 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-12-16 | 5.9 Medium |
| A race condition was addressed with additional validation. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An attacker may be able to create a read-only memory mapping that can be written to. | ||||
| CVE-2024-47892 | 2024-12-16 | 7.8 High | ||
| Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU. | ||||
| CVE-2024-11144 | 2024-12-16 | 7.5 High | ||
| The server lacks thread safety and can be crashed by anomalous data sent by an anonymous user from a remote network. The crash causes the FTP service to become unavailable, affecting all users and processes that rely on it for file transfers. If the crash occurs during file upload or download, it could lead to incomplete file transfers, potentially corrupting data. The repeated crash might also affect the stability of the underlying system, especially if it leads to resource leaks or affects other services. | ||||
| CVE-2024-46971 | 2024-12-16 | 7.8 High | ||
| Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU. | ||||
| CVE-2024-48872 | 2024-12-16 | 4.8 Medium | ||
| Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, and 9.5.x <= 9.5.12 fail to prevent concurrently checking and updating the failed login attempts. which allows an attacker to bypass of "Max failed attempts" restriction and send a big number of login attempts before being blocked via simultaneously sending multiple login requests | ||||
| CVE-2024-1949 | 1 Mattermost | 1 Mattermost Server | 2024-12-13 | 2.6 Low |
| A race condition in Mattermost versions 8.1.x before 8.1.9, and 9.4.x before 9.4.2 allows an authenticated attacker to gain unauthorized access to individual posts' contents via carefully timed post creation while another user deletes posts. | ||||
| CVE-2024-53102 | 2024-12-12 | 4.7 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-27876 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-12-12 | 8.1 High |
| A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files. | ||||
| CVE-2023-42974 | 1 Apple | 4 Ipad Os, Ipados, Iphone Os and 1 more | 2024-12-12 | 7.0 High |
| A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Sonoma 14.2. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2024-47974 | 2024-12-11 | 4.4 Medium | ||
| Race condition during resource shutdown in some Solidigm DC Products may allow an attacker to potentially enable denial of service. | ||||
| CVE-2024-47968 | 2024-12-11 | 4.4 Medium | ||
| Improper resource shutdown in middle of certain operations on some Solidigm DC Products may allow an attacker to potentially enable denial of service. | ||||
| CVE-2024-32993 | 1 Huawei | 2 Emui, Harmonyos | 2024-12-11 | 5.6 Medium |
| Out-of-bounds access vulnerability in the memory module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2023-42959 | 1 Apple | 1 Macos | 2024-12-09 | 7.0 High |
| A race condition was addressed with improved state handling. This issue is fixed in macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2024-32997 | 1 Huawei | 2 Emui, Harmonyos | 2024-12-09 | 8.4 High |
| Race condition vulnerability in the binder driver module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2023-52720 | 1 Huawei | 2 Emui, Harmonyos | 2024-12-09 | 4.1 Medium |
| Race condition vulnerability in the soundtrigger module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2023-32413 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-12-05 | 7.0 High |
| A race condition was addressed with improved state handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to gain root privileges. | ||||
| CVE-2023-20771 | 2 Google, Mediatek | 11 Android, Mt6580, Mt6739 and 8 more | 2024-12-04 | 6.4 Medium |
| In display, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07671046; Issue ID: ALPS07671046. | ||||