Skip to main content

Race Condition

1816 CVEs technique

Monthly

CVE-2022-20344 HIGH PATCH This Week

In stealReceiveChannel of EventThread.cpp, there is a possible way to interfere with process communication due to a race condition. Rated high severity (CVSS 7.0).

Google Race Condition Privilege Escalation Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2022-35796 HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Race Condition Google Information Disclosure Edge Chromium
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-34702 HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Race Condition RCE Windows 10 Windows 11 +8
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2022-34696 HIGH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Microsoft Race Condition RCE Windows 10 Windows 11 +5
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-33636 HIGH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Race Condition Google RCE Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.1%
CVE-2022-37035 HIGH POC This Week

An issue was discovered in bgpd in FRRouting (FRR) 8.3. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

RCE Race Condition Information Disclosure Frrouting
NVD GitHub
CVSS 3.1
8.1
EPSS
1.9%
CVE-2022-26428 MEDIUM This Month

In video codec, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-21789 MEDIUM This Month

In audio ipi, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-2160 MEDIUM POC This Month

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Information Disclosure Microsoft Race Condition Chrome +1
NVD VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-34892 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Race Condition RCE Parallels Desktop
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-30214 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
6.6
EPSS
1.0%
CVE-2022-30212 MEDIUM This Month

Windows Connected Devices Platform Service Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +3
NVD
CVSS 3.1
4.7
EPSS
0.5%
CVE-2022-30205 MEDIUM This Month

Windows Group Policy Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +8
NVD
CVSS 3.1
6.6
EPSS
1.1%
CVE-2022-24800 PHP HIGH PATCH This Week

October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel PHP Framework. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

PHP Race Condition RCE October
NVD GitHub
CVSS 3.1
8.1
EPSS
1.4%
CVE-2022-21776 MEDIUM This Month

In MDP, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Race Condition Denial Of Service Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-21774 MEDIUM This Month

In TEEI driver, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Race Condition Denial Of Service Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-21773 MEDIUM This Month

In TEEI driver, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Race Condition Denial Of Service Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-21772 MEDIUM This Month

In TEEI driver, there is a possible type confusion due to a race condition. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Race Condition Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-21771 MEDIUM This Month

In GED driver, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Race Condition Denial Of Service Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-20082 HIGH This Week

In GPU, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Race Condition Denial Of Service Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2022-30028 MEDIUM This Month

Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing a password reset token. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Dradis
NVD
CVSS 3.1
5.9
EPSS
0.5%
CVE-2022-33915 HIGH This Week

Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Race Condition Apache Java Hotpatch
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-30163 HIGH PATCH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.

Race Condition RCE Microsoft Windows 10 Windows 11 +7
NVD
CVSS 3.1
8.5
EPSS
1.8%
CVE-2022-20155 HIGH This Week

In ipu_core_jqs_msg_transport_kernel_write_sync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Race Condition Privilege Escalation Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2022-20154 MEDIUM This Month

In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Race Condition Privilege Escalation Denial Of Service Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-20148 MEDIUM This Month

In TBD of TBD, there is a possible use-after-free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Race Condition Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-20141 HIGH This Week

In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. Rated high severity (CVSS 7.0). No vendor patch available.

Google Race Condition Privilege Escalation Denial Of Service Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2022-22057 HIGH PATCH This Week

Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Race Condition Qualcomm Apq8053 Firmware Ar8035 Firmware +78
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-31758 MEDIUM This Month

The kernel module has the race condition vulnerability. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2022-26362 MEDIUM PATCH This Month

x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. Rated medium severity (CVSS 6.4).

Race Condition Information Disclosure Xen Fedora Debian Linux
NVD
CVSS 3.1
6.4
EPSS
0.4%
CVE-2022-1462 MEDIUM POC This Month

An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. Rated medium severity (CVSS 6.3). Public exploit code available and no vendor patch available.

Race Condition Linux Buffer Overflow Linux Kernel Enterprise Linux +1
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2022-30128 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Race Condition Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.8%
CVE-2022-30127 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Race Condition Microsoft Information Disclosure Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
1.8%
CVE-2022-26765 MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 4.7). No vendor patch available.

Authentication Bypass Race Condition Apple Ipados Iphone Os +3
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2022-26701 HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Apple Ipados Iphone Os +2
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-26690 MEDIUM This Month

Description: A race condition was addressed with additional validation. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure macOS
NVD
CVSS 3.1
4.7
EPSS
1.6%
CVE-2022-29116 MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7).

Race Condition Microsoft Information Disclosure Windows 11
NVD
CVSS 3.1
4.7
EPSS
0.5%
CVE-2022-29113 HIGH PATCH This Week

Windows Digital Media Receiver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8).

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-20118 HIGH This Week

In ion_ioctl and related functions of ion.c, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Race Condition Privilege Escalation Denial Of Service Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2022-20007 HIGH PATCH This Week

In startActivityForAttachedApplicationIfNeeded of RootWindowContainer.java, there is a possible way to overlay an app that believes it's still in the foreground, when it is not, due to a race. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Google Race Condition Privilege Escalation Android
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-20006 HIGH This Week

In several functions of KeyguardServiceWrapper.java and related files,, there is a possible way to briefly view what's under the lockscreen due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Race Condition Privilege Escalation Java Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2022-20097 MEDIUM This Month

In aee daemon, there is a possible information disclosure due to a race condition. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Information Disclosure Android
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2022-20091 MEDIUM This Month

In aee driver, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Race Condition Denial Of Service Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-20090 MEDIUM This Month

In aee driver, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Race Condition Denial Of Service Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-1195 MEDIUM PATCH This Month

A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Race Condition Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-29582 HIGH POC PATCH This Week

In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. Rated high severity (CVSS 7.0). Public exploit code available.

Race Condition Linux Information Disclosure Linux Kernel Debian Linux
NVD GitHub
CVSS 3.1
7.0
EPSS
0.8%
CVE-2022-29527 HIGH POC PATCH This Week

Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a world-writable sudoers file, which allows local attackers to inject Sudo rules and escalate privileges to root. Rated high severity (CVSS 7.0). Public exploit code available.

Privilege Escalation Race Condition Amazon Ssm Agent
NVD GitHub
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-26904 HIGH POC KEV PATCH THREAT Act Now

Windows User Profile Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 +15
NVD
CVSS 3.1
7.0
EPSS
9.8%
CVE-2022-26829 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft Windows Server 2008 Windows Server 2012 +3
NVD
CVSS 3.1
6.6
EPSS
1.8%
CVE-2022-26828 HIGH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows Server 2016 +2
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-26827 HIGH This Week

Windows File Server Resource Management Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-26822 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft Windows Server 2008 Windows Server 2012 +3
NVD
CVSS 3.1
6.6
EPSS
1.8%
CVE-2022-26821 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft Windows Server 2008 Windows Server 2012 +3
NVD
CVSS 3.1
6.6
EPSS
1.8%
CVE-2022-26820 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft Windows Server 2008 Windows Server 2012 +3
NVD
CVSS 3.1
6.6
EPSS
1.8%
CVE-2022-26819 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft Windows Server 2008 Windows Server 2012 +3
NVD
CVSS 3.1
6.6
EPSS
1.8%
CVE-2022-26817 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft Windows Server 2012 Windows Server 2016 +2
NVD
CVSS 3.1
6.6
EPSS
1.7%
CVE-2022-26814 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft Windows Server 2012 Windows Server 2016 +2
NVD
CVSS 3.1
6.6
EPSS
1.7%
CVE-2022-26808 HIGH This Week

Windows File Explorer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +6
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-26807 HIGH This Week

Windows Work Folder Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-24540 HIGH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-24537 HIGH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition RCE Microsoft Windows 10 Windows 11 +4
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-24482 HIGH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +3
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-22008 HIGH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition RCE Microsoft Windows 10 Windows 11 +5
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-27481 MEDIUM PATCH This Month

A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required.

Denial Of Service Race Condition Siemens Scalance W1788 2Ia M12 Firmware Scalance W1788 2 M12 Firmware +2
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2022-20080 MEDIUM This Month

In SUB2AF, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Race Condition Buffer Overflow Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-20078 MEDIUM This Month

In vow, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Race Condition Buffer Overflow Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-20077 MEDIUM This Month

In vow, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Race Condition Buffer Overflow Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-28796 HIGH PATCH This Week

jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. Rated high severity (CVSS 7.0).

Race Condition Linux Information Disclosure Linux Kernel Enterprise Linux +13
NVD GitHub
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-26357 HIGH PATCH This Week

race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Xen Debian Linux Fedora
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-24302 PyPI MEDIUM POC PATCH This Month

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Paramiko Debian Linux Fedora
NVD GitHub
CVSS 3.1
5.9
EPSS
2.1%
CVE-2022-24751 HIGH PATCH This Week

Zulip is an open source group chat application. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Zulip
NVD GitHub
CVSS 3.1
7.4
EPSS
0.9%
CVE-2022-23042 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-23041 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-23040 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-23039 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-23038 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-23037 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-23036 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-25822 MEDIUM This Month

An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Race Condition Android
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2022-25090 HIGH POC THREAT Act Now

Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 11.0%.

Privilege Escalation Race Condition Printix
NVD GitHub Exploit-DB VulDB
CVSS 3.1
8.1
EPSS
11.0%
CVE-2022-24525 HIGH This Week

Windows Update Stack Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +1
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-24505 HIGH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +4
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-23283 HIGH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-21975 MEDIUM This Month

Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Race Condition Microsoft Windows 10 Windows 8 1 +4
NVD
CVSS 3.1
4.7
EPSS
0.4%
CVE-2022-24986 HIGH This Week

KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Race Condition Kcron
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-0279 LOW POC Monitor

The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Race Condition WordPress Information Disclosure Anycomment
NVD WPScan
CVSS 3.1
3.1
EPSS
0.5%
CVE-2021-45710 Cargo HIGH PATCH This Week

An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for Rust. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Buffer Overflow Race Condition Tokio
NVD
CVSS 3.1
8.1
EPSS
1.2%
CVE-2021-45704 Cargo HIGH PATCH This Week

An issue was discovered in the metrics-util crate before 0.7.0 for Rust. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Race Condition Metrics Util
NVD
CVSS 3.1
8.1
EPSS
0.7%
CVE-2021-44733 HIGH POC This Week

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Linux Information Disclosure Race Condition Linux Kernel Enterprise Linux +10
NVD GitHub
CVSS 3.1
7.0
EPSS
0.7%
CVE-2021-39648 MEDIUM PATCH This Month

In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. Rated medium severity (CVSS 4.1).

Google Information Disclosure Race Condition Android
NVD
CVSS 3.1
4.1
EPSS
0.2%
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In stealReceiveChannel of EventThread.cpp, there is a possible way to interfere with process communication due to a race condition. Rated high severity (CVSS 7.0).

Google Race Condition Privilege Escalation +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Race Condition Google +2
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Race Condition RCE +10
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Microsoft Race Condition RCE +7
NVD
EPSS 1% CVSS 8.3
HIGH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Race Condition Google +2
NVD
EPSS 2% CVSS 8.1
HIGH POC This Week

An issue was discovered in bgpd in FRRouting (FRR) 8.3. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

RCE Race Condition Information Disclosure +1
NVD GitHub
EPSS 0% CVSS 6.4
MEDIUM This Month

In video codec, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Buffer Overflow +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In audio ipi, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Buffer Overflow +1
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Information Disclosure Microsoft +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Race Condition RCE Parallels Desktop
NVD
EPSS 1% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft +3
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Windows Connected Devices Platform Service Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Microsoft Information Disclosure +5
NVD
EPSS 1% CVSS 6.6
MEDIUM This Month

Windows Group Policy Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Microsoft Information Disclosure +10
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel PHP Framework. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

PHP Race Condition RCE +1
NVD GitHub
EPSS 0% CVSS 6.4
MEDIUM This Month

In MDP, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Race Condition Denial Of Service +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In TEEI driver, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Race Condition Denial Of Service +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In TEEI driver, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Race Condition Denial Of Service +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In TEEI driver, there is a possible type confusion due to a race condition. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Race Condition Android
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In GED driver, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Race Condition Denial Of Service +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In GPU, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Race Condition Denial Of Service +1
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing a password reset token. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Dradis
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Race Condition Apache +2
NVD
EPSS 2% CVSS 8.5
HIGH PATCH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.

Race Condition RCE Microsoft +9
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In ipu_core_jqs_msg_transport_kernel_write_sync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Race Condition Privilege Escalation +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Race Condition Privilege Escalation +2
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In TBD of TBD, there is a possible use-after-free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Race Condition Privilege Escalation +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. Rated high severity (CVSS 7.0). No vendor patch available.

Google Race Condition Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Race Condition Qualcomm +80
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

The kernel module has the race condition vulnerability. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Information Disclosure Emui +2
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. Rated medium severity (CVSS 6.4).

Race Condition Information Disclosure Xen +2
NVD
EPSS 0% CVSS 6.3
MEDIUM POC This Month

An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. Rated medium severity (CVSS 6.3). Public exploit code available and no vendor patch available.

Race Condition Linux Buffer Overflow +3
NVD
EPSS 2% CVSS 8.3
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Race Condition Microsoft +2
NVD
EPSS 2% CVSS 8.3
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google Race Condition Microsoft +2
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 4.7). No vendor patch available.

Authentication Bypass Race Condition Apple +5
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Apple +4
NVD
EPSS 2% CVSS 4.7
MEDIUM This Month

Description: A race condition was addressed with additional validation. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure +1
NVD
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7).

Race Condition Microsoft Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Digital Media Receiver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8).

Race Condition Microsoft Information Disclosure +4
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In ion_ioctl and related functions of ion.c, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Race Condition Privilege Escalation +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In startActivityForAttachedApplicationIfNeeded of RootWindowContainer.java, there is a possible way to overlay an app that believes it's still in the foreground, when it is not, due to a race. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Google Race Condition Privilege Escalation +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In several functions of KeyguardServiceWrapper.java and related files,, there is a possible way to briefly view what's under the lockscreen due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Race Condition Privilege Escalation +2
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

In aee daemon, there is a possible information disclosure due to a race condition. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Information Disclosure Android
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In aee driver, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Race Condition Denial Of Service +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In aee driver, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Race Condition Denial Of Service +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Race Condition Linux +2
NVD
EPSS 1% CVSS 7.0
HIGH POC PATCH This Week

In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. Rated high severity (CVSS 7.0). Public exploit code available.

Race Condition Linux Information Disclosure +2
NVD GitHub
EPSS 0% CVSS 7.0
HIGH POC PATCH This Week

Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a world-writable sudoers file, which allows local attackers to inject Sudo rules and escalate privileges to root. Rated high severity (CVSS 7.0). Public exploit code available.

Privilege Escalation Race Condition Amazon Ssm Agent
NVD GitHub
EPSS 10% CVSS 7.0
HIGH POC KEV PATCH THREAT Act Now

Windows User Profile Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Microsoft Information Disclosure +17
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft +5
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure +4
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Windows File Server Resource Management Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure +10
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft +5
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft +5
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft +5
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft +5
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft +4
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE Microsoft +4
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Windows File Explorer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure +8
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Windows Work Folder Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure +10
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure +10
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition RCE Microsoft +6
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure +5
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition RCE Microsoft +7
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required.

Denial Of Service Race Condition Siemens +4
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In SUB2AF, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Race Condition Buffer Overflow +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In vow, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Race Condition Buffer Overflow +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In vow, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Race Condition Buffer Overflow +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. Rated high severity (CVSS 7.0).

Race Condition Linux Information Disclosure +15
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Xen +2
NVD
EPSS 2% CVSS 5.9
MEDIUM POC PATCH This Month

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Paramiko +2
NVD GitHub
EPSS 1% CVSS 7.4
HIGH PATCH This Week

Zulip is an open source group chat application. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Zulip
NVD GitHub
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Race Condition Android
NVD
EPSS 11% CVSS 8.1
HIGH POC THREAT Act Now

Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 11.0%.

Privilege Escalation Race Condition Printix
NVD GitHub Exploit-DB VulDB
EPSS 0% CVSS 7.0
HIGH This Week

Windows Update Stack Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure +3
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure +6
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Microsoft Information Disclosure +10
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Race Condition Microsoft +6
NVD
EPSS 0% CVSS 7.8
HIGH This Week

KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Race Condition Kcron
NVD
EPSS 0% CVSS 3.1
LOW POC Monitor

The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Race Condition WordPress Information Disclosure +1
NVD WPScan
EPSS 1% CVSS 8.1
HIGH PATCH This Week

An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for Rust. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Buffer Overflow Race Condition Tokio
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

An issue was discovered in the metrics-util crate before 0.7.0 for Rust. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Race Condition Metrics Util
NVD
EPSS 1% CVSS 7.0
HIGH POC This Week

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Linux Information Disclosure Race Condition +12
NVD GitHub
EPSS 0% CVSS 4.1
MEDIUM PATCH This Month

In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. Rated medium severity (CVSS 4.1).

Google Information Disclosure Race Condition +1
NVD
Prev Page 13 of 21 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy