Vulnerabilities > Improper Locking
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-15 | CVE-2019-1732 | Improper Locking vulnerability in Cisco Nx-Os A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use (TOCTOU) race condition to corrupt local variables, which could lead to arbitrary command injection. | 6.4 |
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |
| 2019-05-08 | CVE-2019-2050 | Improper Locking vulnerability in Google Android 8.0/8.1/9.0 In tearDownClientInterface of WificondControl.java, there is a possible use after free due to improper locking. | 7.8 |
| 2019-04-29 | CVE-2019-11599 | Improper Locking vulnerability in Linux Kernel The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. | 7.0 |
| 2019-04-10 | CVE-2019-6156 | Improper Locking vulnerability in Lenovo products In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. | 3.3 |
| 2018-10-17 | CVE-2018-0381 | Improper Locking vulnerability in Cisco Aironet Access Points A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 6.8 |
| 2018-10-05 | CVE-2018-15390 | Improper Locking vulnerability in Cisco Firepower Threat Defense A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 6.8 |
| 2018-04-19 | CVE-2018-0228 | Improper Locking vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. | 8.6 |
| 2018-03-13 | CVE-2018-1000127 | Improper Locking vulnerability in multiple products memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. | 7.5 |
| 2010-11-22 | CVE-2010-4210 | Improper Locking vulnerability in Freebsd The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x before 8.0-RC1 unlocks a mutex that was not previously locked, which allows local users to cause a denial of service (kernel panic), overwrite arbitrary memory locations, and possibly execute arbitrary code via vectors related to opening a file on a file system that uses pseudofs. | 7.8 |