Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2015-2234

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-12 May, 2015 | 19:00
Updated At-06 Aug, 2024 | 05:10
Rejected At-
Credits

Race condition in Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 uses world-writable permissions for the update files directory, which allows local users to gain privileges by writing to an update file after the signature is validated.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:12 May, 2015 | 19:00
Updated At:06 Aug, 2024 | 05:10
Rejected At:
▼CVE Numbering Authority (CNA)

Race condition in Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 uses world-writable permissions for the update files directory, which allows local users to gain privileges by writing to an update file after the signature is validated.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.ioactive.com/pdfs/Lenovo_System_Update_Multiple_Privilege_Escalations.pdf
x_refsource_MISC
http://support.lenovo.com/us/en/product_security/lsu_privilege
x_refsource_CONFIRM
http://www.securityfocus.com/bid/74634
vdb-entry
x_refsource_BID
http://securitytracker.com/id/1032268
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.ioactive.com/pdfs/Lenovo_System_Update_Multiple_Privilege_Escalations.pdf
Resource:
x_refsource_MISC
Hyperlink: http://support.lenovo.com/us/en/product_security/lsu_privilege
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/74634
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://securitytracker.com/id/1032268
Resource:
vdb-entry
x_refsource_SECTRACK
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.ioactive.com/pdfs/Lenovo_System_Update_Multiple_Privilege_Escalations.pdf
x_refsource_MISC
x_transferred
http://support.lenovo.com/us/en/product_security/lsu_privilege
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/74634
vdb-entry
x_refsource_BID
x_transferred
http://securitytracker.com/id/1032268
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.ioactive.com/pdfs/Lenovo_System_Update_Multiple_Privilege_Escalations.pdf
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://support.lenovo.com/us/en/product_security/lsu_privilege
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/74634
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://securitytracker.com/id/1032268
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:12 May, 2015 | 19:59
Updated At:06 May, 2026 | 22:30

Race condition in Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 uses world-writable permissions for the update files directory, which allows local users to gain privileges by writing to an update file after the signature is validated.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.9MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 6.9
Base severity: MEDIUM
Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C
CPE Matches

Lenovo Group Limited
lenovo
>>system_update>>Versions up to 5.06.0027(inclusive)
cpe:2.3:a:lenovo:system_update:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-362Primarynvd@nist.gov
CWE ID: CWE-362
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://securitytracker.com/id/1032268cve@mitre.org
N/A
http://support.lenovo.com/us/en/product_security/lsu_privilegecve@mitre.org
Vendor Advisory
http://www.ioactive.com/pdfs/Lenovo_System_Update_Multiple_Privilege_Escalations.pdfcve@mitre.org
N/A
http://www.securityfocus.com/bid/74634cve@mitre.org
N/A
http://securitytracker.com/id/1032268af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.lenovo.com/us/en/product_security/lsu_privilegeaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.ioactive.com/pdfs/Lenovo_System_Update_Multiple_Privilege_Escalations.pdfaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/74634af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://securitytracker.com/id/1032268
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://support.lenovo.com/us/en/product_security/lsu_privilege
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.ioactive.com/pdfs/Lenovo_System_Update_Multiple_Privilege_Escalations.pdf
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/74634
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securitytracker.com/id/1032268
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.lenovo.com/us/en/product_security/lsu_privilege
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.ioactive.com/pdfs/Lenovo_System_Update_Multiple_Privilege_Escalations.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/74634
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

187Records found

CVE-2015-7335
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-0.23% / 13.75%
||
7 Day CHG~0.00%
Published-27 Mar, 2020 | 14:05
Updated-06 Aug, 2024 | 07:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A race condition was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow a user to execute arbitrary code with elevated privileges.

Action-Not Available
Vendor-n/aLenovo Group Limited
Product-system_updaten/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-8342
Matching Score-10
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-10
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.22% / 12.13%
||
7 Day CHG~0.00%
Published-15 Sep, 2020 | 14:20
Updated-17 Sep, 2024 | 00:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege.

Action-Not Available
Vendor-Lenovo Group Limited
Product-system_updateSystem Update
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2018-9070
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.29% / 20.38%
||
7 Day CHG~0.00%
Published-13 Jul, 2018 | 16:00
Updated-16 Sep, 2024 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device. As with most test modes, this provides extra privileges, including changing settings and running code. Lenovo Smart Assistant is an Amazon Alexa-enabled smart speaker developed by Lenovo.

Action-Not Available
Vendor-Lenovo Group Limited
Product-smart_assistantLenovo Smart Assistant
CVE-2017-3775
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.27% / 18.72%
||
7 Day CHG~0.00%
Published-04 May, 2018 | 16:00
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode is enabled by a system administrator, do not properly authenticate signed code before booting it. As a result, an attacker with physical access to the system could boot unsigned code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-flex_system_x880system_x3650_m5system_x3950_x6nextscale_nx360_m5_biosflex_system_x240_m5_biossystem_x3550_m5flex_system_x280_x6flex_system_x480_x6_biossystem_x3950_x6_biosnextscale_nx360_m5flex_system_x880_biossystem_x3500_m5flex_system_x280_x6_biosflex_system_x240_m5system_x3850_x6flex_system_x480_x6system_x3850_x6_biossystem_x3250_m6system_x3250_m6_biossystem_x3500_m5_biossystem_x3550_m5_biossystem_x3650_m5_biosSome Lenovo Flex System and Lenovo System x products
CWE ID-CWE-287
Improper Authentication
CVE-2017-3750
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.14% / 3.93%
||
7 Day CHG~0.00%
Published-29 Jun, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749.

Action-Not Available
Vendor-Google LLCLenovo Group Limited
Product-vibe_a2860vibe_a1600vibe_a3500vibe_k30-evibe_k32c30vibe_a6020i37vibe_a6000-ivibe_a6800vibe_a3900vibe_a6000vibe_k30-w-cuvibe_a3600-dvibe_a6600vibe_a2560vibe_k80mvibe_a2880vibe_a2800vibe_a3600uvibe_a3800-dandroidvibe_a3000Lenovo Vibe and Lenovo China-only Moto Mobile Phones
CVE-2021-3633
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.25% / 16.50%
||
7 Day CHG~0.00%
Published-17 Aug, 2021 | 16:25
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation.

Action-Not Available
Vendor-Lenovo Group Limited
Product-drivers_managementDriver Management
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-3519
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.23% / 13.80%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 22:05
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was reported in some Lenovo Desktop models that could allow unauthorized access to the boot menu, when the "BIOS Password At Boot Device List" BIOS setting is Yes.

Action-Not Available
Vendor-Microsoft CorporationLenovo Group Limited
Product-v530-15arr_firmwarethinkcentre_m70q_firmwarethinkstation_p520_firmwarethinkcentre_m80sthinkcentre_m75s_gen_2_firmwarethinkcentre_qt_m415_firmwarethinkcentre_e75_t\/sthinkcentre_m80q_firmwarethinkcentre_m720ethinkcentre_m90s_firmwarethinkcentre_m630e_firmwarethinkcentre_m70s_firmwareideacentre_510s-07icbthinkcentre_e75_t\/s_firmwarethinkcentre_m90q_tiny_firmwarewindows_10ideacentre_g5-14imb05_firmwarev50t-13imb_g2_firmwarethinkcentre_m70qthinkstation_p520v520thinkcentre_m630eideacentre_510a-15arrthinkcentre_m710ethinkcentre_m710t_firmwarev50t-13imbv530-15arrideacentre_c5-14mb05thinkcentre_m75n_firmwarethinkcentre_m720e_firmwarethinkcentre_m80qv330_firmwareideacentre_5-14iob6v50a-24imb_firmwarethinkcentre_m70c_firmwareideacentre_510s-07ick_firmwarev530s-07icb_firmwarev50t-13imb_g2thinkcentre_m810zthinkcentre_m90tthinkcentre_m75nthinkstation_p340ideacentre_310s-08igm_firmwarethinkcentre_m810z_firmwareideacentre_c5-14mb05_firmwareideacentre_5-14iob6_firmwareideacentre_510a-15arr_firmwarethinkcentre_m710tthinkcentre_m60e_tinythinkcentre_m70a_firmwarev530-15icrv530s-07icbthinkcentre_m70cthinkcentre_m710e_firmwarev50a-22imbthinkcentre_qt_m410thinkcentre_qt_b415_firmwarev50a-24imbthinkcentre_m90sv520s_firmwarethinkcentre_m60e_tiny_firmwareideacentre_310s-08igmideacentre_510s-07icb_firmwarethinkcentre_m90av50s-07imbideacentre_creator_5-14iob6thinkcentre_m75s_gen_2thinkstation_p340_firmwarethinkcentre_m70a_gen_2v50a-22imb_firmwarethinkstation_p920thinkcentre_m70sideacentre_5-14imb05thinkcentre_m70tthinkcentre_m80tv50s-07imb_firmwarev30a-22imlthinkstation_p340_tiny_firmwarethinkcentre_m90a_firmwarev520_firmwarethinkstation_p520c_firmwarethinkcentre_m70av30a-22iml_firmwarethinkcentre_m820z_firmwarethinkcentre_qt_m415thinkcentre_qt_m410_firmwarev530s-07icr_firmwareideacentre_510s-07ickthinkcentre_m90a_tinythinkcentre_m75t_gen_2_firmwarethinkstation_p720thinkcentre_m710s_firmwarev530s-07icrv55t-15apiideacentre_5-14imb05_firmwarev330v50t-13imb_firmwarethinkcentre_m820zideacentre_3-07imb05_firmwarethinkcentre_m710sthinkstation_p920_firmwareideacentre_gaming_5-14iob6_firmwarethinkcentre_m80t_firmwareideacentre_gaming_5-14iob6v520sthinkcentre_qt_b415thinkcentre_m70t_firmwareideacentre_g5-14imb05thinkcentre_m70a_gen_2_firmwarev530-15icr_firmwarethinkstation_p720_firmwarethinkcentre_m80s_firmwareideacentre_3-07imb05v55t-15api_firmwarethinkcentre_m75t_gen_2ideacentre_creator_5-14iob6_firmwarethinkstation_p340_tinythinkstation_p520cthinkcentre_m90t_firmwareDesktop BIOS
CWE ID-CWE-287
Improper Authentication
CVE-2015-8109
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-0.37% / 28.99%
||
7 Day CHG~0.00%
Published-24 Apr, 2017 | 06:12
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by making a prediction of tvsu_tmp_xxxxxXXXXX account credentials that requires knowledge of the time that this account was created, aka a "temporary administrator account vulnerability."

Action-Not Available
Vendor-n/aLenovo Group Limited
Product-lenovo_system_updaten/a
CVE-2015-3214
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.9||MEDIUM
EPSS-1.59% / 72.73%
||
7 Day CHG~0.00%
Published-31 Aug, 2015 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.

Action-Not Available
Vendor-n/aQEMULenovo Group LimitedLinux Kernel Organization, IncRed Hat, Inc.Debian GNU/LinuxArista Networks, Inc.
Product-enterprise_linux_server_update_services_for_sap_solutionsdebian_linuxeosenterprise_linux_server_tusenterprise_linux_for_power_big_endian_eusenterprise_linux_server_from_rhuienterprise_linux_for_power_big_endianenterprise_linux_server_eusenterprise_linux_server_ausopenstacklinux_kernelenterprise_linux_serverenterprise_linux_workstationqemuemc_px12-450r_ivxenterprise_linux_compute_node_eusenterprise_linux_for_scientific_computingvirtualizationemc_px12-400r_ivxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-8332
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.22% / 12.46%
||
7 Day CHG~0.00%
Published-14 Oct, 2020 | 21:25
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected.

Action-Not Available
Vendor-IBM CorporationLenovo Group Limited
Product-system_x3530_m4_firmwarebladecenter_hs23e_firmwarebladecenter_hs23esystem_x3630_m4_firmwaresystem_x3630_m4flex_system_x220nextscale_nx360_m4_firmwaresystem_x3650_m4_firmwarenextscale_nx360_m4idataplex_dx360_m4_firmwaresystem_x3650_m4_hd_firmwarebladecenter_hs23system_x3300_m4system_x3650_m4_hdflex_system_x440_firmwaresystem_x3750_m4_firmwaresystem_x3550_m4system_x3650_m4_bd_firmwarecompute_node-x440_firmwareidataplex_dx360_m4flex_system_x220_firmwaresystem_x3650_m4_bdbladecenter_hs23_firmwaresystem_x3750_m4system_x3550_m4_firmwaresystem_x3500_m4_firmwaresystem_x3300_m4_firmwaresystem_x3500_m4system_x3530_m4idataplex_dx360_m4_water_cooledflex_system_x240_firmwareflex_system_x240system_x3650_m4compute_node-x440idataplex_dx360_m4_water_cooled_firmwareflex_system_x440System x
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2020-8317
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.42% / 33.47%
||
7 Day CHG~0.00%
Published-24 Jul, 2020 | 16:10
Updated-17 Sep, 2024 | 00:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-drivers_managementDrivers Management
CWE ID-CWE-426
Untrusted Search Path
CVE-2020-8326
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.42% / 33.47%
||
7 Day CHG~0.00%
Published-24 Jul, 2020 | 16:10
Updated-17 Sep, 2024 | 03:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-drivers_managementDrivers Management
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2009-0655
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.40% / 31.70%
||
7 Day CHG~0.00%
Published-20 Feb, 2009 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lenovo Veriface III allows physically proximate attackers to login to a Windows account by presenting a "plain image" of the authorized user.

Action-Not Available
Vendor-n/aLenovo Group Limited
Product-verifacen/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-6196
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.28% / 19.93%
||
7 Day CHG~0.00%
Published-09 Jun, 2020 | 19:50
Updated-17 Sep, 2024 | 00:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A symbolic link vulnerability in some Lenovo installation packages, prior to version 1.2.9.3, could allow privileged file operations during file extraction and installation.

Action-Not Available
Vendor-Lenovo Group Limited
Product-installation_packageInstallation Packages
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-6173
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.30% / 22.04%
||
7 Day CHG~0.00%
Published-09 Jun, 2020 | 19:50
Updated-16 Sep, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL search path vulnerability could allow privilege escalation in some Lenovo installation packages, prior to version 1.2.9.3, during installation if an attacker already has administrative privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-installation_packageInstallation Packages
CWE ID-CWE-426
Untrusted Search Path
CVE-2017-3749
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.14% / 3.93%
||
7 Day CHG~0.00%
Published-29 Jun, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3750.

Action-Not Available
Vendor-Google LLCLenovo Group Limited
Product-vibe_a2860vibe_a1600vibe_a3500vibe_k30-evibe_k32c30vibe_a6020i37vibe_a6000-ivibe_a6800vibe_a3900vibe_a6000vibe_k30-w-cuvibe_a3600-dvibe_a6600vibe_a2560vibe_k80mvibe_a2880vibe_a2800vibe_a3600uvibe_a3800-dandroidvibe_a3000Lenovo Vibe and Lenovo China-only Moto Mobile Phones
CVE-2018-9069
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-5.9||MEDIUM
EPSS-0.53% / 41.02%
||
7 Day CHG~0.00%
Published-02 Oct, 2018 | 14:00
Updated-05 Aug, 2024 | 07:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIOS Write Protection Race Condition

In some Lenovo IdeaPad consumer notebook models, a race condition in the BIOS flash device locking mechanism is not adequately protected against, potentially allowing an attacker with administrator access to alter the contents of BIOS.

Action-Not Available
Vendor-HP Inc.Lenovo Group Limited
Product-310s-14iske43-80_kbl_firmwarev330-14isk_firmware520-15ikbrnr720-15ikbalenovo_y720-15ikb_firmware520s-14ikb_firmware320-15ikbrn_touchr720-15ikbn_firmwarelenovo_yoga_520-15ikblenovo_ideapad_320-14ikb\(i\+n\)lenovo_ideapad_320-14ikb\(i\+n\)_firmwarenano110-15ikb_firmwarelenovo_yoga_520-15ikb_firmwaree52-80yoga_720-13ikbrescuer_y520-15ikbm_firmwarey720-15ikb_firmware310s-14isk_firmwarelenovo_ideapad_y520-15ikbn_firmwarev510-15ikb710s_plus-3ikb_firmware320s-15isk_firmware320s-15isk520s-14ikbideapad_2in1_14_firmwarelenovo_tianyi_310-14ikb_firmwarerescuer_r720-15ikbmlenovo_y520-15ikbm_firmwarelenovo_v720-14lenovo_ideapad_320-15abrlenovo_ideapad_320-15ikb\(i\+n\)lenovo_ideapad_flex_5-1470v310-15iskyoga_720-13ikbr_firmwarev310-14ikb_firmwareyoga_310-11iap_firmwarey520-15ikba_firmwarerescuer_r720-15ikbm_firmwarev310-14isk720s-13ikblenovo_ideapad_320s-15ikbr_firmware320s-14ikb320-15ikbrn_touch_firmwarelenovo_y520-15ikbmideapad_2in1_14lenovo_tianyi_310-15ikb_firmware710s_plus-13ikb_16g_firmware7000-15_u42lenovo_y720-15ikbv310-15ikb320-15ikbrnlenovo_ideapad_320-14ikb\(i\+a\)_firmwaremiix_720-12ikb320-15ikbra720s-13ikb_firmware320-15ikbrn_firmwarev510-14ikb_firmwarelenovo_ideapad_320s-15ikbrlenovo_tianyi_310-14ikb7000_u42_firmwareyoga_510-14isk_firmwarexiaoxinair13ikbprov330-14ikb_firmwareyoga_720-13ikb_firmwarev330-14isk320s-15ikb_firmwarelenovo_y520-15ikbaflex_4-1470_firmwareyoga_720-15ikb_firmwarev510-15ikb_firmwarer720-15ikba_firmware520-15ikbrn_firmwarelenovo_tianyi_310-15ikb710s_plus-3ikblenovo_ideapad_flex_5-1570_firmware7000_u42710s_plus_touch-13ikblenovo_ideapad_flex_5-1570flex_5-1570_firmwarelenovo_ideapad_720s-14ikb_firmwareb320-14ikblenovo_ideapad_320s-14ikbr_firmwarelenovo_y520-15ikba_firmwarelenovo_ideapad_320-15abr_firmwarev310-14ikby720-15ikblenovo_yoga_520-14ikblenovo_ideapad_320-14ikb\(i\+a\)lenovo_ideapad_320-15ikb\(i\+n\)_firmwareflex_5-1570v310-15ikb_firmwarey520-15ikbne42-80lenovo_ideapad_flex_5-1470_firmwarelenovo_ideapad_520s-14ikbr_firmware320s-15ikblenovo_ideapad_720s-14ikbyoga_510-14iske42-80_firmware320-15ikbra_firmwareflex_4-1470v310-15isk_firmwarerescuer_y520-15ikbmb320-14ikb_firmwarev330-14ikb710s_plus_touch-13ikb_firmware510s-14isk_firmware7000-15_u42_firmwarelenovo_ideapad_320s-14ikbrnano110-14ikbr720-15ikbnflex_5-1470nano110-14ikb_firmwareyoga_310-11iaplenovo_yoga_520-14ikb_firmwarelenovo_v720-14_firmware320-17ikbrnlenovo_ideapad_520s-14ikbre43-80_kblv510-14ikby520-15ikbn_firmwarev310-14isk_firmware510s-14isklenovo_ideapad_y520-15ikbn710s_plus-13ikb_16gyoga_720-13ikbryoga_720-15ikby520-15ikbanano110-15ikbe52-80_firmwareflex_5-1470_firmwarexiaoxinair13ikbpro_firmwareIdeaPad
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2015-7820
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-1.41% / 69.46%
||
7 Day CHG~0.00%
Published-12 Nov, 2015 | 02:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide ZipDownload.jsp input containing directory traversal sequences to read arbitrary files, via a request to port 40080 or 40443.

Action-Not Available
Vendor-n/aIBM CorporationLenovo Group Limited
Product-switch_centersystem_networking_switch_centern/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-3922
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-7.8||HIGH
EPSS-1.77% / 75.43%
||
7 Day CHG~0.00%
Published-18 May, 2022 | 16:10
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A race condition vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3 that could allow a local attacker to connect and interact with the IMController child process' named pipe.

Action-Not Available
Vendor-Lenovo Group Limited
Product-system_interface_foundationIMController
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2015-7817
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-1.41% / 69.46%
||
7 Day CHG~0.00%
Published-12 Nov, 2015 | 02:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide FileReader.jsp input containing directory traversal sequences to read arbitrary text files, via a request to port 40080 or 40443.

Action-Not Available
Vendor-n/aIBM CorporationLenovo Group Limited
Product-switch_centersystem_networking_switch_centern/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2014-1419
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-6.9||MEDIUM
EPSS-0.27% / 18.98%
||
7 Day CHG~0.00%
Published-24 Jul, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aCanonical Ltd.
Product-ubuntu_linuxacpi-supportn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2007-0997
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.25% / 16.07%
||
7 Day CHG~0.00%
Published-18 Sep, 2007 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the tee (sys_tee) system call in the Linux kernel 2.6.17 through 2.6.17.6 might allow local users to cause a denial of service (system crash), obtain sensitive information (kernel memory contents), or gain privileges via unspecified vectors related to a potentially dropped ipipe lock during a race between two pipe readers.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2014-0196
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-22.48% / 97.42%
||
7 Day CHG~0.00%
Published-07 May, 2014 | 10:00
Updated-21 Apr, 2026 | 20:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-06-02||The impacted product is end-of-life and should be disconnected if still in use.

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

Action-Not Available
Vendor-n/aF5, Inc.Oracle CorporationRed Hat, Inc.Debian GNU/LinuxCanonical Ltd.SUSELinux Kernel Organization, Inc
Product-big-ip_application_acceleration_managerdebian_linuxubuntu_linuxbig-ip_advanced_firewall_managerbig-iq_devicebig-iq_securitybig-ip_webacceleratorbig-iq_cloud_and_orchestrationbig-ip_wan_optimization_managerenterprise_linux_server_eusbig-ip_policy_enforcement_managerbig-iq_centralized_managementbig-iq_cloudlinux_kernelenterprise_linuxbig-ip_protocol_security_modulebig-ip_application_security_managersuse_linux_enterprise_high_availability_extensionbig-ip_analyticssuse_linux_enterprise_serverbig-ip_local_traffic_managerbig-ip_access_policy_managerlinuxbig-ip_link_controllerbig-iq_application_delivery_controllerenterprise_linux_eusbig-ip_global_traffic_managersuse_linux_enterprise_desktopbig-ip_edge_gatewayenterprise_managern/aKernel
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2013-4327
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.30% / 22.07%
||
7 Day CHG~0.00%
Published-03 Oct, 2013 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.

Action-Not Available
Vendor-systemd_projectn/aCanonical Ltd.Debian GNU/Linux
Product-systemddebian_linuxubuntu_linuxn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2013-3685
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-0.37% / 29.28%
||
7 Day CHG~0.00%
Published-12 Feb, 2020 | 15:41
Updated-06 Aug, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges.

Action-Not Available
Vendor-spritesoftwaren/aLG Electronics Inc.
Product-f260kf240ke975kp940f120kf100kf100le977p760f200sp880l21_su540f160kp875hf160lf260lf240sf120sp780f120lf180kspritebackupe975f240le973e971f180lus780e975tf180sf200kf100ssu870e976ls860f160sf160lvf200lls970p769f260sp875spritebudlg870n/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2013-1283
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.9||MEDIUM
EPSS-1.17% / 63.48%
||
7 Day CHG~0.00%
Published-09 Apr, 2013 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Race Condition Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_rtwindows_7windows_server_2008windows_vistawindows_xpwindows_8windows_server_2012windows_server_2003n/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2013-0871
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-6.9||MEDIUM
EPSS-1.43% / 69.84%
||
7 Day CHG~0.00%
Published-18 Feb, 2013 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2012-5660
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.31% / 23.16%
||
7 Day CHG~0.00%
Published-12 Mar, 2013 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to store information about crashes."

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-automatic_bug_reporting_tooln/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2012-1868
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.9||MEDIUM
EPSS-1.22% / 65.13%
||
7 Day CHG~0.00%
Published-12 Jun, 2012 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the thread-creation implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application, aka "Win32k.sys Race Condition Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2012-0644
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.28% / 19.76%
||
7 Day CHG~0.00%
Published-08 Mar, 2012 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_osn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2012-0656
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.27% / 18.35%
||
7 Day CHG~0.00%
Published-11 May, 2012 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in LoginUIFramework in Apple Mac OS X 10.7.x before 10.7.4, when the Guest account is enabled, allows physically proximate attackers to login to arbitrary accounts by entering the account name and no password.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-0126
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.4||MEDIUM
EPSS-0.11% / 1.37%
||
7 Day CHG~0.00%
Published-11 Jun, 2020 | 14:43
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple functions in DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local code execution with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-137878930

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-0030
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7||HIGH
EPSS-0.15% / 4.71%
||
7 Day CHG~0.00%
Published-13 Feb, 2020 | 14:22
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145286050References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2019-9375
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.4||MEDIUM
EPSS-0.12% / 2.09%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 18:05
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In hostapd, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-129344244

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2011-0699
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7||HIGH
EPSS-0.32% / 23.28%
||
7 Day CHG~0.00%
Published-20 Feb, 2020 | 17:18
Updated-06 Aug, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kernelLinux kernel
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-28796
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-0.32% / 23.59%
||
7 Day CHG~0.00%
Published-08 Apr, 2022 | 04:11
Updated-03 Aug, 2024 | 06:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.

Action-Not Available
Vendor-n/aNetApp, Inc.Fedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-h300eh500ssolidfire_\&_hci_management_nodeenterprise_linuxh300s_firmwareh410c_firmwareactive_iq_unified_managerh410sh300shci_compute_nodeh300e_firmwarelinux_kernelh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwareh700esolidfire\,_enterprise_sds_\&_hci_storage_nodehci_compute_node_firmwareh700e_firmwareh410ch700sn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-29582
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-0.77% / 51.20%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 00:00
Updated-03 Aug, 2024 | 06:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-29527
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-0.30% / 21.32%
||
7 Day CHG~0.00%
Published-20 Apr, 2022 | 09:09
Updated-03 Aug, 2024 | 06:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a world-writable sudoers file, which allows local attackers to inject Sudo rules and escalate privileges to root. This occurs in certain situations involving a race condition.

Action-Not Available
Vendor-amazonn/a
Product-amazon_ssm_agentn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2010-4295
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.29% / 20.35%
||
7 Day CHG~0.00%
Published-06 Dec, 2010 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.

Action-Not Available
Vendor-n/aApple Inc.VMware (Broadcom Inc.)Linux Kernel Organization, Inc
Product-playermac_os_xserverfusionlinux_kernelworkstationn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-26827
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.39% / 30.63%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 19:05
Updated-02 Jan, 2025 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows File Server Resource Management Service Elevation of Privilege Vulnerability

Windows File Server Resource Management Service Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 8.1Windows Server 2012 (Server Core installation)Windows 7Windows Server version 20H2Windows 10 Version 1909Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2010-2961
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 38.18%
||
7 Day CHG~0.00%
Published-14 Sep, 2010 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mountall.c in mountall before 2.15.2 uses 0666 permissions for the root.rules file, which allows local users to gain privileges by modifying this file.

Action-Not Available
Vendor-scott_james_remnantn/a
Product-mountalln/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-26362
Matching Score-4
Assigner-Xen Project
ShareView Details
Matching Score-4
Assigner-Xen Project
CVSS Score-6.4||MEDIUM
EPSS-0.38% / 29.87%
||
7 Day CHG~0.00%
Published-09 Jun, 2022 | 12:50
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, the logic for acquiring a type reference has a race condition, whereby a safely TLB flush is issued too early and creates a window where the guest can re-establish the read/write mapping before writeability is prohibited.

Action-Not Available
Vendor-Debian GNU/LinuxFedora ProjectXen Project
Product-xendebian_linuxfedoraxen
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2010-2653
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.38% / 30.08%
||
7 Day CHG~0.00%
Published-05 Oct, 2010 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the hvc_close function in drivers/char/hvc_console.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service or possibly have unspecified other impact by closing a Hypervisor Virtual Console device, related to the hvc_open and hvc_remove functions.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-24537
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.35% / 27.20%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 19:03
Updated-02 Jan, 2025 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Hyper-V Remote Code Execution Vulnerability

Windows Hyper-V Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_serverwindows_server_2016windows_11windows_10windows_server_2022windows_server_2019Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows Server version 20H2Windows 10 Version 1909Windows Server 2016
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2010-0532
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.25% / 16.39%
||
7 Day CHG~0.00%
Published-31 Mar, 2010 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-ituneswindows_vistawindows_7windows_xpn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2019-14072
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.13% / 3.23%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unhandled paging request is observed due to dereferencing an already freed object because of race condition between sparse free and sparse bind ioctls which access the same physical entry in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8096AU, APQ8098, MDM9607, MSM8909W, MSM8939, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwaresdx24_firmwaresda845_firmwareapq8098msm8939qcs605sdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009msm8909wsda845nicobarsa6155p_firmwaremsm8953sdm450apq8098_firmwaremdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405sdm710mdm9607sdm710_firmwaremsm8939_firmwaresa6155psm8150_firmwaresxr2130_firmwareapq8096auqcs405_firmwarerennellsda660_firmwarerennell_firmwaresdx55msm8953_firmwareapq8096au_firmwaresaipan_firmwaresm6150_firmwaresm8250sm8150nicobar_firmwaresaipansdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2010-0436
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.28% / 19.72%
||
7 Day CHG~0.00%
Published-15 Apr, 2010 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm.

Action-Not Available
Vendor-n/aKDE
Product-kde_scn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2019-14070
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.14% / 3.71%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use after free issue in pcm volume controls due to race condition exist in private data used in mixer controls in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xipq4019_firmwaremdm9206sdm670_firmwaresdx24_firmwareipq8074sdm636sda845_firmwareapq8098mdm9615ipq6018_firmwaremdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwareipq8064sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009apq8053_firmwareipq8064_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8064sdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwareipq8074_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8905ipq6018mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwareipq4019sdx55msm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresm8250mdm9615_firmwareapq8017saipannicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2009-3527
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.55% / 42.18%
||
7 Day CHG~0.00%
Published-06 Oct, 2009 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the Pipe (IPC) close function in FreeBSD 6.3 and 6.4 allows local users to cause a denial of service (crash) or gain privileges via vectors related to kqueues, which triggers a use after free, leading to a NULL pointer dereference or memory corruption.

Action-Not Available
Vendor-n/aFreeBSD Foundation
Product-freebsdn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2019-17341
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.26% / 17.21%
||
7 Day CHG~0.00%
Published-08 Oct, 2019 | 00:03
Updated-05 Aug, 2024 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a page-writability race condition during addition of a passed-through PCI device.

Action-Not Available
Vendor-n/aDebian GNU/LinuxXen Project
Product-xendebian_linuxn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found