Vulnerabilities > Improper Locking
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-07 | CVE-2019-14763 | Improper Locking vulnerability in multiple products In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid. | 5.5 |
| 2019-07-08 | CVE-2019-2119 | Improper Locking vulnerability in Google Android 8.0/8.1/9.0 In multiple functions of key_store_service.cpp, there is a possible Information Disclosure due to improper locking. | 5.5 |
| 2019-06-21 | CVE-2019-10072 | Improper Locking vulnerability in Apache Tomcat The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . | 7.5 |
| 2019-06-19 | CVE-2019-2025 | Improper Locking vulnerability in Google Android In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. | 7.8 |
| 2019-05-29 | CVE-2019-6322 | Improper Locking vulnerability in HP products HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. | 6.8 |
| 2019-05-29 | CVE-2019-6321 | Improper Locking vulnerability in HP products HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. | 7.2 |
| 2019-05-15 | CVE-2019-1732 | Improper Locking vulnerability in Cisco Nx-Os A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use (TOCTOU) race condition to corrupt local variables, which could lead to arbitrary command injection. | 6.4 |
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |
| 2019-05-08 | CVE-2019-2050 | Improper Locking vulnerability in Google Android 8.0/8.1/9.0 In tearDownClientInterface of WificondControl.java, there is a possible use after free due to improper locking. | 7.8 |
| 2019-04-29 | CVE-2019-11599 | Improper Locking vulnerability in Linux Kernel The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. | 7.0 |