Vulnerabilities > Improper Locking
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-21 | CVE-2019-10072 | Improper Locking vulnerability in Apache Tomcat The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . | 7.5 |
| 2019-05-29 | CVE-2019-6322 | Improper Locking vulnerability in HP products HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. | 9.0 |
| 2019-05-29 | CVE-2019-6321 | Improper Locking vulnerability in HP products HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. | 9.0 |
| 2019-05-15 | CVE-2019-1732 | Improper Locking vulnerability in Cisco Nx-Os A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use (TOCTOU) race condition to corrupt local variables, which could lead to arbitrary command injection. | 6.9 |
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |
| 2019-04-29 | CVE-2019-11599 | Improper Locking vulnerability in Linux Kernel The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. | 7.0 |
| 2019-04-22 | CVE-2019-3901 | Improper Locking vulnerability in multiple products A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. | 4.7 |
| 2019-04-10 | CVE-2019-6156 | Improper Locking vulnerability in Lenovo products In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. | 2.1 |
| 2019-01-10 | CVE-2019-5886 | Improper Locking vulnerability in Shopxo 1.2.0 An issue was discovered in ShopXO 1.2.0. | 7.5 |
| 2018-10-17 | CVE-2018-0381 | Improper Locking vulnerability in Cisco Aironet Access Points A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 5.5 |