Total
1706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36458 | 1 Lexer Project | 1 Lexer | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the lexer crate through 2020-11-10 for Rust. For ReaderResult<T, E>, there is an implementation of Sync with a trait bound of T: Send, E: Send. | |||||
| CVE-2020-36447 | 1 V9 Project | 1 V9 | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the v9 crate through 2020-12-18 for Rust. There is an unconditional implementation of Sync for SyncRef<T>. | |||||
| CVE-2020-35928 | 1 Concread Project | 1 Concread | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in the concread crate before 0.2.6 for Rust. Attackers can cause an ARCache<K,V> data race by sending types that do not implement Send/Sync. | |||||
| CVE-2020-35914 | 1 Lock Api Project | 1 Lock Api | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in the lock_api crate before 0.4.2 for Rust. A data race can occur because of RwLockWriteGuard unsoundness. | |||||
| CVE-2020-35913 | 1 Lock Api Project | 1 Lock Api | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in the lock_api crate before 0.4.2 for Rust. A data race can occur because of RwLockReadGuard unsoundness. | |||||
| CVE-2020-35912 | 1 Lock Api Project | 1 Lock Api | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in the lock_api crate before 0.4.2 for Rust. A data race can occur because of MappedRwLockWriteGuard unsoundness. | |||||
| CVE-2020-35911 | 1 Lock Api Project | 1 Lock Api | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in the lock_api crate before 0.4.2 for Rust. A data race can occur because of MappedRwLockReadGuard unsoundness. | |||||
| CVE-2020-35905 | 1 Rust-lang | 1 Future-utils | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in the futures-util crate before 0.3.7 for Rust. MutexGuard::map can cause a data race for certain closure situations (in safe code). | |||||
| CVE-2020-35897 | 1 Atom Project | 1 Atom | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in the atom crate before 0.3.6 for Rust. An unsafe Send implementation allows a cross-thread data race. | |||||
| CVE-2020-35886 | 1 Arr Project | 1 Arr | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in the arr crate through 2020-08-25 for Rust. An attacker can smuggle non-Sync/Send types across a thread boundary to cause a data race. | |||||
| CVE-2020-35882 | 1 Rocket | 1 Rocket | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the rocket crate before 0.4.5 for Rust. LocalRequest::clone creates more than one mutable references to the same object, possibly causing a data race. | |||||
| CVE-2020-35874 | 1 Internment Project | 1 Internment | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the internment crate through 2020-05-28 for Rust. ArcIntern::drop has a race condition and resultant use-after-free. | |||||
| CVE-2020-35871 | 1 Rusqlite Project | 1 Rusqlite | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via an Auxdata API data race. | |||||
| CVE-2020-35508 | 3 Linux, Netapp, Redhat | 33 Linux Kernel, A700s, A700s Firmware and 30 more | 2024-11-21 | 4.4 MEDIUM | 4.5 MEDIUM |
| A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process. | |||||
| CVE-2020-35451 | 1 Apache | 1 Oozie | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| There is a race condition in OozieSharelibCLI in Apache Oozie before version 5.2.1 which allows a malicious attacker to replace the files in Oozie's sharelib during it's creation. | |||||
| CVE-2020-35216 | 1 Atomix | 1 Atomix | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages. | |||||
| CVE-2020-2016 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 8.5 HIGH | 7.0 HIGH |
| A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account. This allows an attacker who has escaped the restricted shell as a low privilege administrator, possibly by exploiting another vulnerability, to escalate privileges to become root user. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All versions of PAN-OS 8.0. | |||||
| CVE-2020-29622 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
| A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-005 Catalina. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges. | |||||
| CVE-2020-29374 | 3 Debian, Linux, Netapp | 11 Debian Linux, Linux Kernel, Baseboard Management Controller 500f and 8 more | 2024-11-21 | 3.3 LOW | 3.6 LOW |
| An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58. | |||||
| CVE-2020-29372 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
| An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. There is a race condition between coredump operations and the IORING_OP_MADVISE implementation, aka CID-bc0c4d1e176e. | |||||