Skip to main content

Race Condition

1815 CVEs technique

Monthly

CVE-2024-20700 HIGH PATCH This Month

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

Microsoft Race Condition RCE Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-3328 Go HIGH POC PATCH This Week

Race condition in snap-confine's must_mkdir_and_open_with_perms(). Rated high severity (CVSS 7.8). Public exploit code available.

Race Condition Information Disclosure Snapd Ubuntu Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-22047 Ruby LOW PATCH Monitor

A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Race Condition Information Disclosure Audited
NVD GitHub
CVSS 3.1
3.1
EPSS
0.9%
CVE-2023-49706 MEDIUM This Month

Defective request context handling in Self Service in LinOTP 3.x before 3.2.5 allows remote unauthenticated attackers to escalate privileges, thereby allowing them to act as and with the permissions. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Privilege Escalation Linotp Virtual Appliance
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2023-6857 MEDIUM This Month

When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Race Condition Apple Mozilla Microsoft +5
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-45864 MEDIUM This Month

A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain areas. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Samsung Information Disclosure Exynos 9820 Firmware Exynos 980 Firmware +5
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2023-48420 MEDIUM This Month

there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-40077 HIGH PATCH This Week

In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Privilege Escalation Android
NVD
CVSS 3.1
8.1
EPSS
8.4%
CVE-2023-45286 Go MEDIUM POC PATCH This Month

A race condition in go-resty can result in HTTP request body disclosure across requests. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Race Condition Information Disclosure Resty
NVD GitHub
CVSS 3.1
5.9
EPSS
0.7%
CVE-2023-4642 MEDIUM POC This Month

The kk Star Ratings WordPress plugin before 5.4.6 does not implement atomic operations, allowing one user vote multiple times on a poll due to a Race Condition. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure WordPress Kk Star Ratings
NVD WPScan
CVSS 3.1
5.9
EPSS
0.4%
CVE-2023-46132 Go MEDIUM POC PATCH This Month

Hyperledger Fabric is an open source permissioned distributed ledger framework. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Fabric
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-20571 HIGH This Week

A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Privilege Escalation Ryzen 3 5100 Firmware Ryzen 3 5300G Firmware Ryzen 3 5300Ge Firmware +68
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2023-36405 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2023-6109 MEDIUM PATCH This Month

The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Race Condition Information Disclosure WordPress Yop Poll
NVD VulDB
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-20902 Go MEDIUM POC PATCH This Month

A timing condition in Harbor 2.6.x and below, Harbor 2.7.2 and below, Harbor 2.8.2 and below, and Harbor 1.10.17 and below allows an attacker with network access to create jobs/stop job tasks and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Harbor
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-47111 Go LOW PATCH Monitor

ZITADEL provides identity infrastructure. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Zitadel
NVD GitHub
CVSS 3.1
3.7
EPSS
0.5%
CVE-2023-41914 HIGH This Week

SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Slurm Fedora
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2023-35645 MEDIUM This Month

In tbd of tbd, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-36698 MEDIUM PATCH This Month

Windows Kernel Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Race Condition Authentication Bypass Microsoft Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2023-38538 MEDIUM This Month

A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Whatsapp
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2023-38537 MEDIUM This Month

A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Whatsapp
NVD
CVSS 3.1
5.6
EPSS
0.2%
CVE-2023-42756 MEDIUM POC PATCH This Month

A flaw was found in the Netfilter subsystem of the Linux kernel. Rated medium severity (CVSS 4.7). Public exploit code available.

Race Condition Denial Of Service Linux Linux Kernel Enterprise Linux +2
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2023-41979 MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Information Disclosure Apple macOS
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2023-41306 LOW Monitor

Vulnerability of mutex management in the bone voice ID trusted application (TA) module. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
3.7
EPSS
0.4%
CVE-2023-41915 HIGH This Week

OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Openpmix Fedora Debian Linux
NVD GitHub
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-38616 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple macOS
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2023-20835 MEDIUM This Month

In camsys, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation Yocto Iot Yocto +1
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-20834 MEDIUM This Month

In pda, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-20827 MEDIUM This Month

In ims service, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-21290 MEDIUM PATCH This Month

In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Denial Of Service Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20801 MEDIUM This Month

In imgsys, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation Yocto Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-4049 MEDIUM This Month

Race conditions in reference counting code were found through code inspection. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Mozilla Information Disclosure Firefox Debian Linux
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2023-37904 LOW PATCH Monitor

Discourse is an open source discussion platform. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Discourse
NVD GitHub
CVSS 3.1
3.1
EPSS
0.2%
CVE-2023-32258 HIGH PATCH This Week

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Linux Linux Kernel H300S +3
NVD
CVSS 3.1
8.1
EPSS
2.5%
CVE-2023-32257 HIGH PATCH This Week

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Linux Linux Kernel Solidfire Hci Storage Node +4
NVD
CVSS 3.1
8.1
EPSS
2.4%
CVE-2023-38409 MEDIUM PATCH This Month

An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-21262 LOW PATCH Monitor

In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Android
NVD
CVSS 3.1
3.1
EPSS
0.1%
CVE-2023-36884 HIGH KEV PATCH THREAT This Week

Windows Search Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
99.0%
CVE-2023-35361 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-33170 NuGet HIGH PATCH This Week

ASP.NET and Visual Studio Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Authentication Bypass Net Visual Studio 2022 Fedora
NVD
CVSS 3.1
8.1
EPSS
2.1%
CVE-2023-3108 MEDIUM PATCH This Month

A flaw was found in the subsequent get_user_pages_fast in the Linux kernel’s interface for symmetric key cipher algorithms in the skcipher_recvmsg of crypto/algif_skcipher.c function. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 3.1
4.7
EPSS
0.2%
CVE-2023-1672 MEDIUM POC PATCH This Month

A race condition exists in the Tang server functionality for key generation and key rotation. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. Public exploit code available.

Race Condition Information Disclosure Tang Fedora Enterprise Linux
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-32254 HIGH PATCH This Week

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Linux Linux Kernel Hci Management Node +4
NVD
CVSS 3.1
8.1
EPSS
2.9%
CVE-2023-32250 HIGH PATCH This Week

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Linux Linux Kernel Hci +5
NVD
CVSS 3.1
8.1
EPSS
2.6%
CVE-2023-35863 MEDIUM POC This Month

In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Microsoft Http Debugger
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2023-2010 LOW POC Monitor

The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure WordPress Forminator
NVD WPScan
CVSS 3.1
3.1
EPSS
0.4%
CVE-2023-20771 MEDIUM This Month

In display, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-21178 MEDIUM This Month

In installKey of KeyUtil.cpp, there is a possible failure of file encryption due to a race condition. Rated medium severity (CVSS 4.1). No vendor patch available.

Race Condition Information Disclosure Google Android
NVD
CVSS 3.1
4.1
EPSS
0.1%
CVE-2023-32413 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition Information Disclosure Apple Ipados Iphone Os +3
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2023-35829 HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.3.2. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux Linux Kernel H300S +3
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2023-35828 HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.3.2. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux Linux Kernel H300S +4
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2023-35827 HIGH PATCH This Week

An issue was discovered in the Linux kernel through 6.3.8. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2023-35826 HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.3.2. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux Linux Kernel H300S +4
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2023-35824 HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.3.2. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2023-35823 HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.3.2. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2023-21101 HIGH This Week

In multiple functions of WVDrmPlugin.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Privilege Escalation Denial Of Service Google Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2023-21095 MEDIUM This Month

In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Privilege Escalation Google Android
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2023-20750 MEDIUM This Month

In swpm, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 4.1). No vendor patch available.

Race Condition Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.1
EPSS
0.1%
CVE-2023-20736 MEDIUM This Month

In vcu, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation Iot Yocto Yocto +1
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-29537 HIGH This Week

Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Buffer Overflow Mozilla Google Firefox +1
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-33974 MEDIUM PATCH This Month

RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Denial Of Service Riot
NVD GitHub
CVSS 3.1
5.9
EPSS
0.7%
CVE-2023-30571 MEDIUM This Month

Libarchive through 3.6.2 can cause directories to have world-writable permissions. Rated medium severity (CVSS 5.3). No vendor patch available.

Race Condition Information Disclosure Libarchive
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-31225 LOW Monitor

The Gallery app has the risk of hijacking attacks. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Race Condition Information Disclosure Emui
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2023-33203 MEDIUM PATCH This Month

The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required.

Race Condition Qualcomm Linux Information Disclosure Linux Kernel +1
NVD
CVSS 3.1
6.4
EPSS
0.4%
CVE-2023-32570 MEDIUM PATCH This Month

VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Denial Of Service Dav1D Fedora
NVD
CVSS 3.1
5.9
EPSS
0.7%
CVE-2023-28201 CRITICAL Act Now

This issue was addressed with improved state management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Race Condition RCE Apple Safari Ipados +2
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-27952 MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Authentication Bypass macOS
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2023-21712 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft Windows 10 Windows 10 1607 +13
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-2006 HIGH PATCH This Week

A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. Rated high severity (CVSS 7.0).

Race Condition RCE Linux Linux Kernel Hci Baseboard Management Controller
NVD GitHub
CVSS 3.1
7.0
EPSS
0.4%
CVE-2023-31083 MEDIUM This Month

An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2023-28142 HIGH This Week

A Race Condition exists in the Qualys Cloud Agent for Windows platform in versions from 3.1.3.34 and before 4.5.3.1. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Privilege Escalation Microsoft Cloud Agent
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2023-30543 npm MEDIUM PATCH This Month

@web3-react is a framework for building Ethereum Apps . Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.

Race Condition Node.js Information Disclosure Web3 React Coinbase Wallet Web3 React Eip1193 +2
NVD GitHub
CVSS 3.1
5.7
EPSS
0.4%
CVE-2023-28984 MEDIUM This Month

A Use After Free vulnerability in the Layer 2 Address Learning Manager (l2alm) of Juniper Networks Junos OS on QFX Series allows an adjacent attacker to cause the Packet Forwarding Engine to crash. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Race Condition Juniper Denial Of Service Junos
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-26980 HIGH POC This Week

PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Google Authentication Bypass Paydroid
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-28232 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-20687 MEDIUM This Month

In display drm, there is a possible double free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-20686 MEDIUM This Month

In display drm, there is a possible double free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-20685 MEDIUM This Month

In vdec, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-20684 MEDIUM This Month

In vdec, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-1582 MEDIUM This Month

A race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2023-28144 HIGH POC This Week

KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default configuration, allows privilege escalation because of race conditions involving symlinks and elevate_perf_privileges.sh chown calls. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Privilege Escalation Hotspot
NVD GitHub
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-23039 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 6.2.0-rc2. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required.

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.7
EPSS
0.2%
CVE-2023-0739 Go MEDIUM POC PATCH This Month

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHub repository answerdev/answer prior to 1.0.4. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Race Condition Information Disclosure Answer
NVD GitHub
CVSS 3.1
6.8
EPSS
0.7%
CVE-2023-24042 HIGH POC This Week

A race condition in LightFTP through 2.2 allows an attacker to achieve path traversal via a malformed FTP request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Race Condition Path Traversal Lightftp
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-22499 Cargo HIGH POC PATCH This Week

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Race Condition Information Disclosure Deno
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-46174 Go MEDIUM PATCH This Month

efs-utils is a set of Utilities for Amazon Elastic File System (EFS). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable.

Race Condition Information Disclosure Elastic Efs Utils Elastic File System Container Storage Interface Driver
NVD GitHub
CVSS 3.1
4.2
EPSS
0.6%
CVE-2022-2583 Go LOW PATCH Monitor

A race condition can cause incorrect HTTP request routing. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Gobase
NVD GitHub
CVSS 3.1
3.7
EPSS
0.3%
CVE-2022-42930 HIGH This Week

If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the `ThirdPartyUtil` component. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Information Disclosure Mozilla Firefox
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2022-36318 MEDIUM This Month

When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Google Mozilla Firefox +2
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-22763 HIGH This Week

When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Race Condition Information Disclosure Mozilla Firefox Firefox Esr +1
NVD
CVSS 3.1
8.8
EPSS
0.6%
EPSS 1% CVSS 7.5
HIGH PATCH This Month

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

Microsoft Race Condition RCE +10
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Race condition in snap-confine's must_mkdir_and_open_with_perms(). Rated high severity (CVSS 7.8). Public exploit code available.

Race Condition Information Disclosure Snapd +1
NVD GitHub
EPSS 1% CVSS 3.1
LOW PATCH Monitor

A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Race Condition Information Disclosure Audited
NVD GitHub
EPSS 1% CVSS 6.8
MEDIUM This Month

Defective request context handling in Self Service in LinOTP 3.x before 3.2.5 allows remote unauthenticated attackers to escalate privileges, thereby allowing them to act as and with the permissions. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Privilege Escalation Linotp +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Race Condition Apple +7
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain areas. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Samsung Information Disclosure +7
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation +1
NVD
EPSS 8% CVSS 8.1
HIGH PATCH This Week

In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Privilege Escalation Android
NVD
EPSS 1% CVSS 5.9
MEDIUM POC PATCH This Month

A race condition in go-resty can result in HTTP request body disclosure across requests. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Race Condition Information Disclosure Resty
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM POC This Month

The kk Star Ratings WordPress plugin before 5.4.6 does not implement atomic operations, allowing one user vote multiple times on a poll due to a Race Condition. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure WordPress +1
NVD WPScan
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Hyperledger Fabric is an open source permissioned distributed ledger framework. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Fabric
NVD GitHub
EPSS 0% CVSS 8.1
HIGH This Week

A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Privilege Escalation Ryzen 3 5100 Firmware +70
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Microsoft +11
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Race Condition Information Disclosure WordPress +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

A timing condition in Harbor 2.6.x and below, Harbor 2.7.2 and below, Harbor 2.8.2 and below, and Harbor 1.10.17 and below allows an attacker with network access to create jobs/stop job tasks and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Harbor
NVD GitHub
EPSS 1% CVSS 3.7
LOW PATCH Monitor

ZITADEL provides identity infrastructure. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Zitadel
NVD GitHub
EPSS 0% CVSS 7.0
HIGH This Week

SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Slurm +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In tbd of tbd, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation +1
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Windows Kernel Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Race Condition Authentication Bypass Microsoft +7
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Whatsapp
NVD
EPSS 0% CVSS 5.6
MEDIUM This Month

A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Whatsapp
NVD
EPSS 0% CVSS 4.7
MEDIUM POC PATCH This Month

A flaw was found in the Netfilter subsystem of the Linux kernel. Rated medium severity (CVSS 4.7). Public exploit code available.

Race Condition Denial Of Service Linux +4
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Information Disclosure Apple +1
NVD
EPSS 0% CVSS 3.7
LOW Monitor

Vulnerability of mutex management in the bone voice ID trusted application (TA) module. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Emui +1
NVD
EPSS 1% CVSS 8.1
HIGH This Week

OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Openpmix +2
NVD GitHub
EPSS 0% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In camsys, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation +3
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In pda, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In ims service, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Denial Of Service Android
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In imgsys, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation +2
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Race conditions in reference counting code were found through code inspection. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Mozilla Information Disclosure +2
NVD
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Discourse is an open source discussion platform. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Discourse
NVD GitHub
EPSS 3% CVSS 8.1
HIGH PATCH This Week

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Linux +5
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Linux +6
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 3.1
LOW PATCH Monitor

In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Android
NVD
EPSS 99% CVSS 7.5
HIGH KEV PATCH THREAT This Week

Windows Search Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft +12
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Microsoft +11
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

ASP.NET and Visual Studio Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Authentication Bypass Net +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

A flaw was found in the subsequent get_user_pages_fast in the Linux kernel’s interface for symmetric key cipher algorithms in the skcipher_recvmsg of crypto/algif_skcipher.c function. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux +1
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

A race condition exists in the Tang server functionality for key generation and key rotation. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. Public exploit code available.

Race Condition Information Disclosure Tang +2
NVD GitHub
EPSS 3% CVSS 8.1
HIGH PATCH This Week

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Linux +6
NVD
EPSS 3% CVSS 8.1
HIGH PATCH This Week

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Linux +7
NVD
EPSS 0% CVSS 5.3
MEDIUM POC This Month

In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Microsoft +1
NVD
EPSS 0% CVSS 3.1
LOW POC Monitor

The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure WordPress +1
NVD WPScan
EPSS 0% CVSS 6.4
MEDIUM This Month

In display, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation +1
NVD
EPSS 0% CVSS 4.1
MEDIUM This Month

In installKey of KeyUtil.cpp, there is a possible failure of file encryption due to a race condition. Rated medium severity (CVSS 4.1). No vendor patch available.

Race Condition Information Disclosure Google +1
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition Information Disclosure Apple +5
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.3.2. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux +5
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.3.2. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux +6
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

An issue was discovered in the Linux kernel through 6.3.8. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.3.2. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux +6
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.3.2. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

An issue was discovered in the Linux kernel before 6.3.2. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In multiple functions of WVDrmPlugin.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Privilege Escalation Denial Of Service +2
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Privilege Escalation Google +1
NVD
EPSS 0% CVSS 4.1
MEDIUM This Month

In swpm, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 4.1). No vendor patch available.

Race Condition Buffer Overflow Information Disclosure +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In vcu, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Buffer Overflow Mozilla +3
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Denial Of Service Riot
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

Libarchive through 3.6.2 can cause directories to have world-writable permissions. Rated medium severity (CVSS 5.3). No vendor patch available.

Race Condition Information Disclosure Libarchive
NVD GitHub
EPSS 0% CVSS 3.3
LOW Monitor

The Gallery app has the risk of hijacking attacks. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Race Condition Information Disclosure Emui
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required.

Race Condition Qualcomm Linux +3
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Denial Of Service Dav1D +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

This issue was addressed with improved state management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Race Condition RCE Apple +4
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Authentication Bypass +1
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft +15
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. Rated high severity (CVSS 7.0).

Race Condition RCE Linux +2
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM This Month

An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Linux +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A Race Condition exists in the Qualys Cloud Agent for Windows platform in versions from 3.1.3.34 and before 4.5.3.1. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Privilege Escalation Microsoft +1
NVD
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

@web3-react is a framework for building Ethereum Apps . Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.

Race Condition Node.js Information Disclosure +4
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

A Use After Free vulnerability in the Layer 2 Address Learning Manager (l2alm) of Juniper Networks Junos OS on QFX Series allows an adjacent attacker to cause the Packet Forwarding Engine to crash. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Race Condition Juniper Denial Of Service +1
NVD
EPSS 0% CVSS 7.0
HIGH POC This Week

PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Google Authentication Bypass +1
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft +13
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In display drm, there is a possible double free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Android
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In display drm, there is a possible double free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Android
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In vdec, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In vdec, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation +1
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Linux +1
NVD
EPSS 0% CVSS 7.0
HIGH POC This Week

KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default configuration, allows privilege escalation because of race conditions involving symlinks and elevate_perf_privileges.sh chown calls. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Privilege Escalation Hotspot
NVD GitHub
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 6.2.0-rc2. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required.

Race Condition Information Disclosure Linux +1
NVD
EPSS 1% CVSS 6.8
MEDIUM POC PATCH This Month

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHub repository answerdev/answer prior to 1.0.4. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Race Condition Information Disclosure Answer
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

A race condition in LightFTP through 2.2 allows an attacker to achieve path traversal via a malformed FTP request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Race Condition Path Traversal Lightftp
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Race Condition Information Disclosure Deno
NVD GitHub
EPSS 1% CVSS 4.2
MEDIUM PATCH This Month

efs-utils is a set of Utilities for Amazon Elastic File System (EFS). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable.

Race Condition Information Disclosure Elastic +2
NVD GitHub
EPSS 0% CVSS 3.7
LOW PATCH Monitor

A race condition can cause incorrect HTTP request routing. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Gobase
NVD GitHub
EPSS 0% CVSS 7.1
HIGH This Week

If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the `ThirdPartyUtil` component. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Information Disclosure Mozilla +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Google +4
NVD
EPSS 1% CVSS 8.8
HIGH This Week

When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Race Condition Information Disclosure Mozilla +3
NVD
Prev Page 11 of 21 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy