CVE-2015-4481

LOW Year: 2015
CVSS v2 Score
3.3
Low
Weakness Type
CWE-362
View all →

Vulnerability Description

Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.

Related Vulnerabilities

CVE-2015-8556

CRITICAL
CVSS:10.0(Critical)

Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.

CWE-3622015

CVE-2017-2898

CRITICAL
CVSS:9.9(Critical)

An exploitable vulnerability exists in the signature verification of the firmware update functionality of Circle with Disney. Specially crafted network packets can cause an unsigned firmware to be ins...

CWE-3622017

CVE-2020-1660

CRITICAL
CVSS:9.9(Critical)

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management ...

CWE-3622020

CVE-2016-0930

CRITICAL
CVSS:9.8(Critical)

Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.19 and 1.7.x before 1.7.10, when vCloud or vSphere is used, has a default password for compilation VMs, which allows remote attackers to obtain SSH a...

CWE-3622016

CVE-2019-2006

CRITICAL
CVSS:9.8(Critical)

In serviceDied of HalDeathHandlerHidl.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the audio server with no additional execut...

CWE-3622019

CVE-2021-32810

CRITICAL
CVSS:9.8(Critical)

crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versions prior to 0.7.4 and 0.8.0, the result of the race condition is that one or more t...

CWE-3622021