Skip to main content

Race Condition

1816 CVEs technique

Monthly

CVE-2022-22763 HIGH This Week

When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Race Condition Information Disclosure Mozilla Firefox Firefox Esr +1
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-22746 MEDIUM This Month

A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Microsoft Authentication Bypass Mozilla Firefox +2
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2022-22737 HIGH POC This Week

Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Denial Of Service Microsoft Mozilla Firefox +2
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-20567 MEDIUM PATCH This Month

In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4).

Race Condition Google Privilege Escalation Denial Of Service Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-46689 HIGH POC THREAT Act Now

A race condition was addressed with additional validation. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple Safari Ipados +4
NVD
CVSS 3.1
7.0
EPSS
44.7%
CVE-2022-42864 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple Ipados Iphone Os +3
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2022-44676 HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Microsoft Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2022-44669 HIGH This Week

Windows Error Reporting Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Microsoft Windows 10 Windows 11 +2
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-42771 MEDIUM This Month

In wlan driver, there is a race condition, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Android
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2022-42770 MEDIUM This Month

In wlan driver, there is a race condition, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Android
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2022-39134 MEDIUM This Month

In audio driver, there is a use after free due to a race condition. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Android
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2022-32621 MEDIUM This Month

In isp, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-45869 MEDIUM POC This Month

A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Race Condition Linux Denial Of Service Buffer Overflow Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-45888 MEDIUM This Month

An issue was discovered in the Linux kernel through 6.0.9. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Race Condition Information Disclosure Linux Linux Kernel H410c Firmware +4
NVD
CVSS 3.1
6.4
EPSS
0.7%
CVE-2022-45887 MEDIUM This Month

An issue was discovered in the Linux kernel through 6.0.9. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Information Disclosure Linux Linux Kernel H410c Firmware +4
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2022-45886 HIGH PATCH This Week

An issue was discovered in the Linux kernel through 6.0.9. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux Linux Kernel H410c Firmware +4
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-45885 HIGH This Week

An issue was discovered in the Linux kernel through 6.0.9. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Linux Linux Kernel H410c Firmware +4
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-45884 HIGH This Week

An issue was discovered in the Linux kernel through 6.0.9. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Linux Linux Kernel H300s Firmware +4
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-40130 LOW Monitor

Auth. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Information Disclosure WordPress Wp Polls
NVD
CVSS 3.1
3.1
EPSS
0.4%
CVE-2022-41118 HIGH This Week

Windows Scripting Languages Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Microsoft Windows 10 Windows 11 +7
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-41116 MEDIUM This Month

Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Microsoft Denial Of Service Windows 7 Windows Server 2008
NVD
CVSS 3.1
5.9
EPSS
1.0%
CVE-2022-41114 HIGH This Week

Windows Bind Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Microsoft Windows 10 Windows 11 +1
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2022-41100 HIGH This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition Information Disclosure Microsoft Windows 10 Windows 11 +5
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-41093 HIGH This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition Information Disclosure Microsoft Windows 10 Windows 11 +5
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-41090 MEDIUM This Month

Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Microsoft Denial Of Service Windows 10 Windows 11 +7
NVD
CVSS 3.1
5.9
EPSS
1.0%
CVE-2022-41088 HIGH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Microsoft Windows 10 Windows 11 +5
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2022-41086 MEDIUM This Month

Windows Group Policy Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Information Disclosure Microsoft Windows 10 Windows 11 +7
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2022-41045 HIGH This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition Information Disclosure Microsoft Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-41044 HIGH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Microsoft Windows 7 Windows Server 2008
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2022-41039 HIGH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Microsoft Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2022-38014 HIGH This Week

Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Linux Microsoft Azure Iot Edge For Linux +1
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-44563 MEDIUM This Month

There is a race condition vulnerability in SD upgrade mode. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Harmonyos Emui
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2022-44551 CRITICAL Act Now

The iaware module has a vulnerability in thread security. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Race Condition Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-39328 Go HIGH PATCH This Week

Grafana is an open-source platform for monitoring and observability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Grafana
NVD GitHub
CVSS 3.1
8.1
EPSS
0.9%
CVE-2022-32613 MEDIUM This Month

In vcu, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-32612 MEDIUM This Month

In vcu, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Denial Of Service Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-42832 MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 6.4). No vendor patch available.

RCE Race Condition Apple Ipados Iphone Os +1
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2022-42831 MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 6.4). No vendor patch available.

RCE Race Condition Apple Ipados Iphone Os +1
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2022-42806 HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Race Condition Apple Ipados Iphone Os +1
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-42803 HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Race Condition Apple Ipados Iphone Os +3
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-42791 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Race Condition Apple Iphone Os macOS
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-3307 HIGH This Week

Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service Chrome
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-32895 MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure macOS
NVD
CVSS 3.1
4.7
EPSS
0.7%
CVE-2022-44034 MEDIUM This Month

An issue was discovered in the Linux kernel through 6.0.6. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Linux Race Condition Information Disclosure Linux Kernel
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2022-44033 MEDIUM This Month

An issue was discovered in the Linux kernel through 6.0.6. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Linux Race Condition Information Disclosure Linux Kernel
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2022-44032 MEDIUM This Month

An issue was discovered in the Linux kernel through 6.0.6. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Linux Race Condition Information Disclosure Linux Kernel
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2022-3623 HIGH PATCH This Week

A vulnerability was found in Linux Kernel. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Linux Race Condition Information Disclosure Linux Kernel Debian Linux
NVD VulDB
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-27626 HIGH This Week

A vulnerability regarding concurrent execution using shared resource with improper synchronization ('Race Condition') is found in the session processing functionality of Out-of-Band (OOB) Management. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Synology Diskstation Manager
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2022-3567 MEDIUM PATCH This Month

A vulnerability has been found in Linux Kernel and classified as problematic. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required.

Linux Race Condition Information Disclosure Linux Kernel
NVD VulDB
CVSS 3.1
6.4
EPSS
0.3%
CVE-2022-3566 HIGH PATCH This Week

A vulnerability, which was classified as problematic, was found in Linux Kernel. Rated high severity (CVSS 7.1).

Linux Race Condition Information Disclosure Linux Kernel
NVD VulDB
CVSS 3.1
7.1
EPSS
0.3%
CVE-2022-3521 LOW PATCH Monitor

A vulnerability has been found in Linux Kernel and classified as problematic. Rated low severity (CVSS 2.5).

Linux Race Condition Information Disclosure Linux Kernel Debian Linux
NVD VulDB
CVSS 3.1
2.5
EPSS
0.2%
CVE-2022-41035 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition Google Information Disclosure Edge Chromium
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2022-38047 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2022-38029 HIGH PATCH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Microsoft Race Condition Information Disclosure Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.0
EPSS
0.6%
CVE-2022-38027 HIGH PATCH This Week

Windows Storage Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Microsoft Race Condition Information Disclosure Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-38021 HIGH PATCH This Week

Connected User Experiences and Telemetry Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Windows 10 Windows 11 Windows Server 2012 +3
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-38000 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.2%
CVE-2022-33634 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2022-30198 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2022-24504 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2022-22035 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.2%
CVE-2022-41850 MEDIUM This Month

roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a. Rated medium severity (CVSS 4.7). No vendor patch available.

Linux Race Condition Information Disclosure Linux Kernel Debian Linux
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2022-41849 MEDIUM This Month

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. No vendor patch available.

Linux Race Condition Information Disclosure Linux Kernel Debian Linux
NVD
CVSS 3.1
4.2
EPSS
0.3%
CVE-2022-41848 MEDIUM This Month

drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl,. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. No vendor patch available.

Linux Race Condition Information Disclosure Linux Kernel
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2022-3071 HIGH This Week

Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service Chrome Fedora
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-3049 HIGH This Week

Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service Chrome Fedora
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-3042 HIGH PATCH This Week

Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Race Condition Denial Of Service Chrome Fedora
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-2857 HIGH PATCH This Week

Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Race Condition Denial Of Service Chrome Fedora
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-2854 HIGH PATCH This Week

Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Race Condition Denial Of Service Chrome Fedora
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-40310 LOW Monitor

Authenticated (subscriber+) Race Condition vulnerability in Rate my Post - WP Rating System plugin <= 3.3.4 at WordPress allows attackers to increase/decrease votes. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition WordPress Information Disclosure Rate My Post Wp Rating System
NVD
CVSS 3.1
3.1
EPSS
0.4%
CVE-2022-39006 MEDIUM This Month

The MPTCP module has the race condition vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2022-34725 HIGH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Race Condition Information Disclosure Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.0
EPSS
5.4%
CVE-2022-26928 HIGH This Week

Windows Photo Import API Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Race Condition Information Disclosure Windows 10 Windows 11 +3
NVD
CVSS 3.1
7.0
EPSS
0.7%
CVE-2022-36422 LOW Monitor

Rating increase/decrease via race condition in Lester 'GaMerZ' Chan WP-PostRatings plugin <= 1.89 at WordPress. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition WordPress Information Disclosure Wp Postratings
NVD
CVSS 3.1
3.1
EPSS
0.4%
CVE-2022-40307 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.19.8. Rated medium severity (CVSS 4.7).

Linux Race Condition Information Disclosure Linux Kernel Debian Linux
NVD GitHub
CVSS 3.1
4.7
EPSS
0.2%
CVE-2022-26450 MEDIUM This Month

In apusys, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-39188 MEDIUM PATCH This Month

An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Rated medium severity (CVSS 4.7).

Linux Race Condition Information Disclosure Linux Kernel Debian Linux
NVD GitHub
CVSS 3.1
4.7
EPSS
0.2%
CVE-2022-2590 HIGH This Week

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. Rated high severity (CVSS 7.0). No vendor patch available.

Linux Race Condition Information Disclosure Linux Kernel
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2022-1247 HIGH POC This Week

An issue found in linux-kernel that leads to a race condition in rose_connect(). Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Linux Race Condition Information Disclosure Linux Kernel Enterprise Linux +1
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-0207 MEDIUM PATCH This Month

A race condition was found in vdsm. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Vdsm Virtualization Virtualization For Ibm Power Little Endian +1
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2022-24951 HIGH POC This Week

A race condition exists in Eternal Terminal prior to version 6.2.0 which allows a local attacker to hijack Eternal Terminal's IPC socket, enabling access to Eternal Terminal clients which attempt to. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Eternal Terminal
NVD GitHub
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-24950 HIGH POC PATCH This Week

A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.

Race Condition Information Disclosure Eternal Terminal
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-24949 HIGH POC PATCH This Week

A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.

Race Condition Privilege Escalation Buffer Overflow Eternal Terminal
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-2623 HIGH This Week

Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service Chrome Fedora
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-2617 HIGH This Week

Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service Chrome Fedora
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-2609 HIGH This Week

Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service Chrome Fedora
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-2608 HIGH This Week

Use after free in Overview Mode in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service Chrome Fedora
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-2607 HIGH This Week

Use after free in Tab Strip in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service Chrome Fedora
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-20256 MEDIUM This Month

In the Audio HAL, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Race Condition Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-20373 MEDIUM This Month

In st21nfc_loc_set_polaritymode of fc/st21nfc.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Race Condition Denial Of Service Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
EPSS 1% CVSS 8.8
HIGH This Week

When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Race Condition Information Disclosure Mozilla +3
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Microsoft Authentication Bypass +4
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Denial Of Service Microsoft +4
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4).

Race Condition Google Privilege Escalation +2
NVD
EPSS 45% CVSS 7.0
HIGH POC THREAT Act Now

A race condition was addressed with additional validation. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +6
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +5
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Microsoft +10
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Windows Error Reporting Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Microsoft +4
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

In wlan driver, there is a race condition, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Android
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

In wlan driver, there is a race condition, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Android
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

In audio driver, there is a use after free due to a race condition. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Android
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In isp, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Buffer Overflow +1
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Race Condition Linux Denial Of Service +2
NVD
EPSS 1% CVSS 6.4
MEDIUM This Month

An issue was discovered in the Linux kernel through 6.0.9. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Race Condition Information Disclosure Linux +6
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

An issue was discovered in the Linux kernel through 6.0.9. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Information Disclosure Linux +6
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

An issue was discovered in the Linux kernel through 6.0.9. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux +6
NVD
EPSS 0% CVSS 7.0
HIGH This Week

An issue was discovered in the Linux kernel through 6.0.9. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Linux +6
NVD
EPSS 0% CVSS 7.0
HIGH This Week

An issue was discovered in the Linux kernel through 6.0.9. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Linux +6
NVD
EPSS 0% CVSS 3.1
LOW Monitor

Auth. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Information Disclosure WordPress +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Windows Scripting Languages Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Microsoft +9
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Microsoft Denial Of Service +2
NVD
EPSS 1% CVSS 7.0
HIGH This Week

Windows Bind Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Microsoft +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition Information Disclosure Microsoft +7
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition Information Disclosure Microsoft +7
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Microsoft Denial Of Service +9
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Microsoft +7
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

Windows Group Policy Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Information Disclosure Microsoft +9
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition Information Disclosure Microsoft +10
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Microsoft +2
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Microsoft +10
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Linux +3
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

There is a race condition vulnerability in SD upgrade mode. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Harmonyos +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The iaware module has a vulnerability in thread security. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Race Condition Information Disclosure Emui +1
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Grafana is an open-source platform for monitoring and observability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Grafana
NVD GitHub
EPSS 0% CVSS 6.4
MEDIUM This Month

In vcu, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Buffer Overflow +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In vcu, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Denial Of Service +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 6.4). No vendor patch available.

RCE Race Condition Apple +3
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 6.4). No vendor patch available.

RCE Race Condition Apple +3
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Race Condition Apple +3
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Race Condition Apple +5
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Race Condition Apple +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service +1
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

An issue was discovered in the Linux kernel through 6.0.6. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Linux Race Condition Information Disclosure +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

An issue was discovered in the Linux kernel through 6.0.6. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Linux Race Condition Information Disclosure +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

An issue was discovered in the Linux kernel through 6.0.6. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Linux Race Condition Information Disclosure +1
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A vulnerability was found in Linux Kernel. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Linux Race Condition Information Disclosure +2
NVD VulDB
EPSS 1% CVSS 8.1
HIGH This Week

A vulnerability regarding concurrent execution using shared resource with improper synchronization ('Race Condition') is found in the session processing functionality of Out-of-Band (OOB) Management. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Synology +1
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

A vulnerability has been found in Linux Kernel and classified as problematic. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required.

Linux Race Condition Information Disclosure +1
NVD VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

A vulnerability, which was classified as problematic, was found in Linux Kernel. Rated high severity (CVSS 7.1).

Linux Race Condition Information Disclosure +1
NVD VulDB
EPSS 0% CVSS 2.5
LOW PATCH Monitor

A vulnerability has been found in Linux Kernel and classified as problematic. Rated low severity (CVSS 2.5).

Linux Race Condition Information Disclosure +2
NVD VulDB
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition Google +2
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE +10
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Microsoft Race Condition Information Disclosure +10
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Storage Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Microsoft Race Condition Information Disclosure +10
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Connected User Experiences and Telemetry Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Windows 10 +5
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE +10
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE +10
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE +10
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE +10
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Race Condition RCE +10
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a. Rated medium severity (CVSS 4.7). No vendor patch available.

Linux Race Condition Information Disclosure +2
NVD
EPSS 0% CVSS 4.2
MEDIUM This Month

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. No vendor patch available.

Linux Race Condition Information Disclosure +2
NVD
EPSS 0% CVSS 4.2
MEDIUM This Month

drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl,. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. No vendor patch available.

Linux Race Condition Information Disclosure +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Race Condition Denial Of Service +2
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Race Condition Denial Of Service +2
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Race Condition Denial Of Service +2
NVD
EPSS 0% CVSS 3.1
LOW Monitor

Authenticated (subscriber+) Race Condition vulnerability in Rate my Post - WP Rating System plugin <= 3.3.4 at WordPress allows attackers to increase/decrease votes. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition WordPress Information Disclosure +1
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

The MPTCP module has the race condition vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Emui +2
NVD
EPSS 5% CVSS 7.0
HIGH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Race Condition Information Disclosure +10
NVD
EPSS 1% CVSS 7.0
HIGH This Week

Windows Photo Import API Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Race Condition Information Disclosure +5
NVD
EPSS 0% CVSS 3.1
LOW Monitor

Rating increase/decrease via race condition in Lester 'GaMerZ' Chan WP-PostRatings plugin <= 1.89 at WordPress. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition WordPress Information Disclosure +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.19.8. Rated medium severity (CVSS 4.7).

Linux Race Condition Information Disclosure +2
NVD GitHub
EPSS 0% CVSS 6.4
MEDIUM This Month

In apusys, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Rated medium severity (CVSS 4.7).

Linux Race Condition Information Disclosure +2
NVD GitHub
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. Rated high severity (CVSS 7.0). No vendor patch available.

Linux Race Condition Information Disclosure +1
NVD
EPSS 0% CVSS 7.0
HIGH POC This Week

An issue found in linux-kernel that leads to a race condition in rose_connect(). Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Linux Race Condition Information Disclosure +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

A race condition was found in vdsm. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Vdsm +3
NVD
EPSS 0% CVSS 7.0
HIGH POC This Week

A race condition exists in Eternal Terminal prior to version 6.2.0 which allows a local attacker to hijack Eternal Terminal's IPC socket, enabling access to Eternal Terminal clients which attempt to. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Eternal Terminal
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.

Race Condition Information Disclosure Eternal Terminal
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.

Race Condition Privilege Escalation Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Use after free in Overview Mode in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Use after free in Tab Strip in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Race Condition Denial Of Service +2
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In the Audio HAL, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Race Condition Privilege Escalation +2
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In st21nfc_loc_set_polaritymode of fc/st21nfc.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Race Condition Denial Of Service +2
NVD
Prev Page 12 of 21 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy