Search Results (2575 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-2023 1 Exim 1 Exim 2025-04-11 N/A
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
CVE-2010-4765 1 Otrs 1 Otrs 2025-04-11 N/A
Race condition in the Kernel::System::Main::FileWrite method in Open Ticket Request System (OTRS) before 2.4.8 allows remote authenticated users to corrupt the TicketCounter.log data in opportunistic circumstances by creating tickets.
CVE-2010-5150 2 3dprotect, Microsoft 2 3d Eqsecure, Windows Xp 2025-04-11 N/A
Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVE-2010-5153 2 Avira, Microsoft 3 Antivir Security Suite, Premium Security Suite, Windows Xp 2025-04-11 5.3 Medium
Race condition in Avira Premium Security Suite 10.0.0.536 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVE-2009-4272 2 Linux, Redhat 7 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 4 more 2025-04-11 7.5 High
A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing "emergency" in which a hash chain is too long. NOTE: this is related to an issue in the Linux kernel before 2.6.31, when the kernel routing cache is disabled, involving an uninitialized pointer and a panic.
CVE-2010-5154 2 Bitdefender, Microsoft 2 Bitdefender Total Security 2010, Windows Xp 2025-04-11 N/A
Race condition in BitDefender Total Security 2010 13.0.20.347 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVE-2010-5156 2 Ca, Microsoft 2 Internet Security Suite 2010, Windows Xp 2025-04-11 N/A
Race condition in CA Internet Security Suite Plus 2010 6.0.0.272 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVE-2010-5159 2 Drweb, Microsoft 2 Web Security Space, Windows Xp 2025-04-11 7 High
Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVE-2010-1161 1 Gnu 1 Nano 2025-04-11 N/A
Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files.
CVE-2010-5160 2 Eset, Microsoft 2 Smart Security, Windows Xp 2025-04-11 4.5 Medium
Race condition in ESET Smart Security 4.2.35.3 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVE-2010-5161 2 F-secure, Microsoft 2 F-secure Internet Security 2010, Windows Xp 2025-04-11 N/A
Race condition in F-Secure Internet Security 2010 10.00 build 246 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVE-2010-5162 2 Gdata, Microsoft 2 Totalcare 2010, Windows Xp 2025-04-11 N/A
Race condition in G DATA TotalCare 2010 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVE-2010-5164 2 Kingsoft, Microsoft 2 Personal Firewall 9, Windows Xp 2025-04-11 5.3 Medium
Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVE-2012-3748 1 Apple 2 Iphone Os, Safari 2025-04-11 N/A
Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays.
CVE-2010-5166 2 Mcafee, Microsoft 2 Total Protection 2010, Windows Xp 2025-04-11 N/A
Race condition in McAfee Total Protection 2010 10.0.580 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVE-2011-0784 1 Google 1 Chrome 2025-04-11 N/A
Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code via vectors related to audio.
CVE-2010-5168 2 Microsoft, Symantec 2 Windows Xp, Norton Internet Security 2010 2025-04-11 N/A
Race condition in Symantec Norton Internet Security 2010 17.5.0.127 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVE-2010-5170 2 Microsoft, Online-solutions 2 Windows Xp, Online Solutions Security Suite 2025-04-11 N/A
Race condition in Online Solutions Security Suite 1.5.14905.0 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVE-2010-1228 1 Google 1 Chrome 2025-04-11 N/A
Multiple race conditions in the sandbox infrastructure in Google Chrome before 4.1.249.1036 have unspecified impact and attack vectors.
CVE-2010-5173 2 Microsoft, Pctools 2 Windows Xp, Pctools Firewall 2025-04-11 N/A
Race condition in PC Tools Firewall Plus 6.0.0.88 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute