Skip to main content

Race Condition

1816 CVEs technique

Monthly

CVE-2021-39642 MEDIUM PATCH This Month

In synchronous_process_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4).

Google Buffer Overflow Privilege Escalation Race Condition Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2021-0955 HIGH This Week

In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Buffer Overflow Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2021-0920 MEDIUM KEV THREAT This Month

In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Denial Of Service Privilege Escalation Race Condition Linux Kernel +2
NVD
CVSS 3.1
6.4
EPSS
0.8%
CVE-2021-43538 MEDIUM This Month

By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Race Condition Firefox Firefox Esr +2
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2021-41025 CRITICAL PATCH Act Now

Multiple vulnerabilities in the authentication mechanism of confd in FortiWeb versions 6.4.1, 6.4.0, 6.3.0 through 6.3.15, 6.2.0 through 6.2.6, 6.1.0 through 6.1.2, 6.0.0 thorugh 6.0.7, including an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Fortinet Race Condition Authentication Bypass Fortiweb
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-37074 HIGH This Week

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Privilege Escalation Race Condition Harmonyos Emui +1
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2021-37069 HIGH This Week

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition Harmonyos Emui +1
NVD
CVSS 3.1
7.4
EPSS
0.5%
CVE-2021-37085 MEDIUM This Month

There is a Encoding timing vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of service. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Denial Of Service Race Condition Harmonyos
NVD
CVSS 3.1
5.9
EPSS
0.5%
CVE-2021-37082 MEDIUM This Month

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to motionhub crash. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Denial Of Service Race Condition Harmonyos
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2021-37073 LOW Monitor

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the detection result is tampered with. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition Harmonyos
NVD
CVSS 3.1
3.7
EPSS
0.3%
CVE-2021-44513 HIGH PATCH This Week

Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling. Rated high severity (CVSS 7.0).

Information Disclosure Race Condition Tmate Ssh Server
NVD GitHub
CVSS 3.1
7.0
EPSS
0.2%
CVE-2021-43411 HIGH POC PATCH This Week

An issue was discovered in GNU Hurd before 0.9 20210404-9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure Race Condition Hurd
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-37991 HIGH This Week

Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure Race Condition Chrome Debian Linux
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-36181 LOW Monitor

A concurrent execution using shared resource with improper Synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated,. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Race Condition Fortiportal
NVD
CVSS 3.1
3.1
EPSS
0.4%
CVE-2021-36808 HIGH This Week

A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115. Rated high severity (CVSS 7.0). No vendor patch available.

Google Sophos Race Condition Authentication Bypass Sophos Secure Workspace
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2021-36994 LOW Monitor

There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition Emui Magic Ui
NVD
CVSS 3.1
3.7
EPSS
0.3%
CVE-2021-36987 MEDIUM This Month

There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition Emui Magic Ui
NVD
CVSS 3.1
5.9
EPSS
0.5%
CVE-2021-0870 HIGH PATCH This Week

In RW_SetActivatedTagType of rw_main.cc, there is possible memory corruption due to a race condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Google Buffer Overflow RCE Race Condition Android
NVD
CVSS 3.1
8.1
EPSS
7.0%
CVE-2021-0652 HIGH PATCH This Week

In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing of not thread-safe objects. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Buffer Overflow Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-0483 HIGH PATCH This Week

In multiple methods of AAudioService, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2021-31382 CRITICAL Act Now

On PTX1000 System, PTX10002-60C System, after upgrading to an affected release, a Race Condition vulnerability between the chassis daemon (chassisd) and firewall process (dfwd) of Juniper Networks. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Race Condition Juniper Junos
NVD
CVSS 3.1
9.0
EPSS
0.6%
CVE-2021-31364 MEDIUM PATCH This Month

An Improper Check for Unusual or Exceptional Conditions vulnerability combined with a Race Condition in the flow daemon (flowd) of Juniper Networks Junos OS on SRX300 Series, SRX500 Series, SRX1500,. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Race Condition Juniper Junos
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2021-0298 MEDIUM This Month

A Race Condition in the 'show chassis pic' command in Juniper Networks Junos OS Evolved may allow an attacker to crash the port interface concentrator daemon (picd) process on the FPC, if the command. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Race Condition Juniper Junos Os Evolved
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2021-35494 MEDIUM This Month

The Rest API component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Race Condition Jasperreports Server
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-0688 HIGH PATCH This Week

In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. Rated high severity (CVSS 7.0).

Google Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2021-1958 MEDIUM PATCH This Month

A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free scenario in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables. Rated medium severity (CVSS 6.4).

Qualcomm Denial Of Service Race Condition Qca6574a Firmware Qca6574au Firmware +36
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2021-30714 MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition Ipados Iphone Os
NVD
CVSS 3.1
6.3
EPSS
0.5%
CVE-2021-30652 HIGH This Week

A race condition was addressed with additional validation. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition Ipados Iphone Os +4
NVD
CVSS 3.1
7.0
EPSS
0.8%
CVE-2021-22004 PyPI MEDIUM PATCH This Month

An issue was discovered in SaltStack Salt before 3003.3. Rated medium severity (CVSS 6.4).

Information Disclosure Race Condition Salt Fedora
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2021-1884 MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Denial Of Service Race Condition Ipados Iphone Os +4
NVD
CVSS 3.1
5.9
EPSS
1.6%
CVE-2021-30786 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition Iphone Os macOS
NVD
CVSS 3.1
7.0
EPSS
0.8%
CVE-2021-28701 HIGH This Week

Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. Rated high severity (CVSS 7.8). No vendor patch available.

Information Disclosure Race Condition Xen Debian Linux Fedora
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-40490 HIGH PATCH This Week

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. Rated high severity (CVSS 7.0).

Linux Information Disclosure Race Condition Linux Kernel Fedora +14
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2021-28697 HIGH This Week

grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Xen Fedora Debian Linux
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-30603 HIGH POC This Week

Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Google Information Disclosure Race Condition Chrome Fedora
NVD
CVSS 3.1
7.5
EPSS
3.9%
CVE-2021-31004 HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition macOS
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2021-30996 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition Ipados Iphone Os +1
NVD
CVSS 3.1
7.0
EPSS
0.8%
CVE-2021-30995 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition Ipados Iphone Os +4
NVD
CVSS 3.1
7.0
EPSS
2.3%
CVE-2021-30984 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple RCE Race Condition Safari Ipados +6
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-30982 MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition Mac Os X macOS
NVD
CVSS 3.1
5.9
EPSS
1.5%
CVE-2021-30955 HIGH POC This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition Ipados Iphone Os +3
NVD
CVSS 3.1
7.0
EPSS
4.6%
CVE-2021-30933 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition macOS
NVD
CVSS 3.1
7.0
EPSS
0.7%
CVE-2021-30923 HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition Ipados Iphone Os +1
NVD
CVSS 3.1
7.0
EPSS
0.7%
CVE-2021-30899 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition Mac Os X macOS
NVD
CVSS 3.1
7.0
EPSS
0.8%
CVE-2021-30868 HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition macOS
NVD
CVSS 3.1
7.0
EPSS
0.7%
CVE-2021-30857 HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition Ipados Iphone Os +4
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2021-29986 HIGH POC This Week

A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Mozilla Buffer Overflow Race Condition Firefox Firefox Esr +1
NVD
CVSS 3.1
8.1
EPSS
1.3%
CVE-2021-3573 MEDIUM POC PATCH This Month

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call. Rated medium severity (CVSS 6.4). Public exploit code available.

Linux Denial Of Service Race Condition Linux Kernel Enterprise Linux +1
NVD
CVSS 3.1
6.4
EPSS
0.4%
CVE-2021-38587 HIGH This Week

In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Race Condition Cpanel
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-38191 Cargo MEDIUM POC PATCH This Month

An issue was discovered in the tokio crate before 1.8.1 for Rust. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Race Condition Tokio
NVD
CVSS 3.1
5.9
EPSS
0.8%
CVE-2021-36221 Go MEDIUM PATCH This Month

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Race Condition Go Fedora Debian Linux +2
NVD
CVSS 3.1
5.9
EPSS
3.1%
CVE-2021-32810 Cargo CRITICAL PATCH Act Now

crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Race Condition Crossbeam Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-22428 HIGH This Week

There is an Incomplete Cleanup Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Race Condition Authentication Bypass Emui Magic Ui
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2021-22427 HIGH This Week

There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Huawei Race Condition Authentication Bypass Emui +1
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2021-22384 HIGH This Week

There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition Authentication Bypass Emui +1
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2021-32686 MEDIUM PATCH This Month

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Race Condition Pjsip Debian Linux
NVD GitHub
CVSS 3.1
5.9
EPSS
2.1%
CVE-2021-34462 HIGH PATCH This Week

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Race Condition Windows 10 Windows Server 2016 +1
NVD
CVSS 3.1
7.0
EPSS
0.8%
CVE-2021-0514 HIGH This Week

In several functions of the V8 library, there is a possible use after free due to a race condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google RCE Denial Of Service Race Condition Android
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2021-22340 MEDIUM This Month

There is a multiple threads race condition vulnerability in Huawei product. Rated medium severity (CVSS 4.1). No vendor patch available.

Huawei Denial Of Service Race Condition Manageone Smc2 0
NVD
CVSS 3.1
4.1
EPSS
0.1%
CVE-2021-21005 HIGH This Week

In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Race Condition Fl Switch Smcs 16Tx Firmware Fl Switch Smcs 14Tx 2Fx Firmware Fl Switch Smcs 14Tx 2Fx Sm Firmware +12
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-31615 MEDIUM This Month

Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Code Injection Race Condition Bluetooth Core Specification
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2021-29952 HIGH This Week

When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google RCE Race Condition Mozilla Firefox
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-29948 LOW POC Monitor

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. Rated low severity (CVSS 2.5). Public exploit code available and no vendor patch available.

Mozilla Information Disclosure Race Condition Thunderbird
NVD
CVSS 3.1
2.5
EPSS
0.3%
CVE-2021-24000 LOW Monitor

A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Mozilla Information Disclosure Race Condition Firefox
NVD
CVSS 3.1
3.1
EPSS
0.6%
CVE-2021-22378 MEDIUM This Month

There is a race condition vulnerability in eCNS280_TD V100R005C00 and V100R005C10. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Race Condition Ecns280 Td Firmware
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2021-0565 HIGH This Week

In wrapUserThread of AudioStream.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Denial Of Service Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2021-0564 MEDIUM This Month

In decrypt of CryptoPlugin.cpp, there is a possible use-after-free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Privilege Escalation Race Condition Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2021-24377 HIGH POC This Week

The Autoptimize WordPress plugin before 2.7.8 attempts to remove potential malicious files from the extracted archive uploaded via the 'Import Settings' feature, however this is not sufficient to. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

WordPress Race Condition Authentication Bypass Autoptimize
NVD WPScan
CVSS 3.1
8.1
EPSS
1.2%
CVE-2021-0533 HIGH This Week

In memory management driver, there is a possible memory corruption due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Buffer Overflow Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2021-0532 HIGH This Week

In memory management driver, there is a possible memory corruption due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Buffer Overflow Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2021-0520 HIGH PATCH This Week

In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0).

Google Denial Of Service Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2021-0509 HIGH This Week

In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Denial Of Service Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2021-0508 HIGH PATCH This Week

In various functions of DrmPlugin.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0).

Google Denial Of Service Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2021-0476 HIGH PATCH This Week

In FindOrCreatePeer of btif_av.cc, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0).

Google Denial Of Service Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2021-25395 MEDIUM KEV THREAT This Month

A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is compromised. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Authentication Bypass Android
NVD
CVSS 3.1
6.4
EPSS
0.4%
CVE-2021-1900 HIGH This Week

Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.0). No vendor patch available.

Qualcomm Denial Of Service Race Condition Apq8009 Firmware Apq8009W Firmware +88
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2021-30465 Go HIGH PATCH This Week

runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.

Microsoft Path Traversal Race Condition Runc Fedora
NVD GitHub
CVSS 3.1
8.5
EPSS
6.6%
CVE-2021-27925 MEDIUM This Month

An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6.6.1. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Race Condition Couchbase Server
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2021-32921 MEDIUM This Month

An issue was discovered in Prosody before 0.11.9. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Race Condition Prosody Fedora Debian Linux
NVD
CVSS 3.1
5.9
EPSS
1.6%
CVE-2021-32399 HIGH POC PATCH This Week

net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. Rated high severity (CVSS 7.0). Public exploit code available.

Linux Information Disclosure Race Condition Linux Kernel Debian Linux +9
NVD GitHub
CVSS 3.1
7.0
EPSS
0.7%
CVE-2021-27216 MEDIUM POC This Month

Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. Rated medium severity (CVSS 6.3). Public exploit code available and no vendor patch available.

Information Disclosure Race Condition Exim
NVD
CVSS 3.1
6.3
EPSS
1.0%
CVE-2021-0270 MEDIUM This Month

On PTX Series and QFX10k Series devices with the "inline-jflow" feature enabled, a use after free weakness in the Packet Forwarding Engine (PFE) microkernel architecture of Juniper Networks Junos OS. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Race Condition Juniper Junos
NVD
CVSS 3.1
5.9
EPSS
0.7%
CVE-2021-0258 MEDIUM This Month

A vulnerability in the forwarding of transit TCPv6 packets received on the Ethernet management interface of Juniper Networks Junos OS allows an attacker to trigger a kernel panic, leading to a Denial. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Race Condition Juniper Junos
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2021-0247 MEDIUM This Month

A Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization) vulnerability in the firewall process (dfwd) of Juniper Networks Junos OS allows an attacker to bypass the. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Race Condition Juniper Junos
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2021-0244 HIGH This Week

A signal handler race condition exists in the Layer 2 Address Learning Daemon (L2ALD) of Juniper Networks Junos OS due to the absence of a specific protection mechanism to avoid a race condition. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Race Condition Juniper Junos
NVD
CVSS 3.1
7.4
EPSS
0.6%
CVE-2021-23133 HIGH POC PATCH This Week

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. Rated high severity (CVSS 7.0). Public exploit code available.

Linux Privilege Escalation Race Condition Linux Kernel Fedora +13
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2021-0443 MEDIUM PATCH This Month

In several functions of ScreenshotHelper.java and related files, there is a possible incorrectly saved screenshot due to a race condition. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required.

Google Information Disclosure Race Condition Java Android
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2021-0432 HIGH PATCH This Week

In ClearPullerCacheIfNecessary and ForceClearPullerCache of StatsPullerManager.cpp, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.0).

Google Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2021-1806 HIGH This Week

A race condition was addressed with additional validation. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition Mac Os X macOS
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2021-25158 MEDIUM POC PATCH THREAT This Month

A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Race Condition Aruba Instant Scalance W1750D Firmware
NVD Exploit-DB
CVSS 3.1
5.9
EPSS
30.6%
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

In synchronous_process_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4).

Google Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Buffer Overflow Privilege Escalation +2
NVD
EPSS 1% CVSS 6.4
MEDIUM KEV THREAT This Month

In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Denial Of Service Privilege Escalation +4
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Race Condition +4
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Multiple vulnerabilities in the authentication mechanism of confd in FortiWeb versions 6.4.1, 6.4.0, 6.3.0 through 6.3.15, 6.2.0 through 6.2.6, 6.1.0 through 6.1.2, 6.0.0 thorugh 6.0.7, including an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Fortinet Race Condition Authentication Bypass +1
NVD
EPSS 1% CVSS 8.1
HIGH This Week

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Privilege Escalation Race Condition +3
NVD
EPSS 1% CVSS 7.4
HIGH This Week

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition +3
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

There is a Encoding timing vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of service. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Denial Of Service Race Condition +1
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to motionhub crash. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Denial Of Service Race Condition +1
NVD
EPSS 0% CVSS 3.7
LOW Monitor

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the detection result is tampered with. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling. Rated high severity (CVSS 7.0).

Information Disclosure Race Condition Tmate Ssh Server
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

An issue was discovered in GNU Hurd before 0.9 20210404-9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure Race Condition Hurd
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure Race Condition +2
NVD
EPSS 0% CVSS 3.1
LOW Monitor

A concurrent execution using shared resource with improper Synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated,. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Race Condition Fortiportal
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115. Rated high severity (CVSS 7.0). No vendor patch available.

Google Sophos Race Condition +2
NVD
EPSS 0% CVSS 3.7
LOW Monitor

There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition +2
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition +2
NVD
EPSS 7% CVSS 8.1
HIGH PATCH This Week

In RW_SetActivatedTagType of rw_main.cc, there is possible memory corruption due to a race condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Google Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing of not thread-safe objects. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In multiple methods of AAudioService, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Privilege Escalation Race Condition +1
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

On PTX1000 System, PTX10002-60C System, after upgrading to an affected release, a Race Condition vulnerability between the chassis daemon (chassisd) and firewall process (dfwd) of Juniper Networks. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Race Condition Juniper +1
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

An Improper Check for Unusual or Exceptional Conditions vulnerability combined with a Race Condition in the flow daemon (flowd) of Juniper Networks Junos OS on SRX300 Series, SRX500 Series, SRX1500,. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Race Condition Juniper +1
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A Race Condition in the 'show chassis pic' command in Juniper Networks Junos OS Evolved may allow an attacker to crash the port interface concentrator daemon (picd) process on the FPC, if the command. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Race Condition Juniper +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The Rest API component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Race Condition +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. Rated high severity (CVSS 7.0).

Google Privilege Escalation Race Condition +1
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free scenario in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables. Rated medium severity (CVSS 6.4).

Qualcomm Denial Of Service Race Condition +38
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition +2
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with additional validation. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition +6
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

An issue was discovered in SaltStack Salt before 3003.3. Rated medium severity (CVSS 6.4).

Information Disclosure Race Condition Salt +1
NVD
EPSS 2% CVSS 5.9
MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Denial Of Service Race Condition +6
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. Rated high severity (CVSS 7.8). No vendor patch available.

Information Disclosure Race Condition Xen +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. Rated high severity (CVSS 7.0).

Linux Information Disclosure Race Condition +16
NVD
EPSS 0% CVSS 7.8
HIGH This Week

grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Xen +2
NVD
EPSS 4% CVSS 7.5
HIGH POC This Week

Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Google Information Disclosure Race Condition +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition +1
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +3
NVD
EPSS 2% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition +6
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple RCE Race Condition +8
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition +2
NVD
EPSS 5% CVSS 7.0
HIGH POC This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +5
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +1
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +3
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +2
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +1
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +6
NVD
EPSS 1% CVSS 8.1
HIGH POC This Week

A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Mozilla Buffer Overflow Race Condition +3
NVD
EPSS 0% CVSS 6.4
MEDIUM POC PATCH This Month

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call. Rated medium severity (CVSS 6.4). Public exploit code available.

Linux Denial Of Service Race Condition +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Race Condition Cpanel
NVD
EPSS 1% CVSS 5.9
MEDIUM POC PATCH This Month

An issue was discovered in the tokio crate before 1.8.1 for Rust. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Race Condition Tokio
NVD
EPSS 3% CVSS 5.9
MEDIUM PATCH This Month

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Race Condition Go +4
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Race Condition Crossbeam +1
NVD GitHub
EPSS 1% CVSS 8.1
HIGH This Week

There is an Incomplete Cleanup Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Race Condition Authentication Bypass +2
NVD
EPSS 1% CVSS 8.1
HIGH This Week

There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Huawei Race Condition +3
NVD
EPSS 1% CVSS 8.1
HIGH This Week

There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition +3
NVD
EPSS 2% CVSS 5.9
MEDIUM PATCH This Month

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Race Condition Pjsip +1
NVD GitHub
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Race Condition +3
NVD
EPSS 1% CVSS 8.1
HIGH This Week

In several functions of the V8 library, there is a possible use after free due to a race condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google RCE Denial Of Service +2
NVD
EPSS 0% CVSS 4.1
MEDIUM This Month

There is a multiple threads race condition vulnerability in Huawei product. Rated medium severity (CVSS 4.1). No vendor patch available.

Huawei Denial Of Service Race Condition +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Race Condition Fl Switch Smcs 16Tx Firmware +14
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Code Injection Race Condition Bluetooth Core Specification
NVD
EPSS 1% CVSS 7.5
HIGH This Week

When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google RCE Race Condition +2
NVD
EPSS 0% CVSS 2.5
LOW POC Monitor

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. Rated low severity (CVSS 2.5). Public exploit code available and no vendor patch available.

Mozilla Information Disclosure Race Condition +1
NVD
EPSS 1% CVSS 3.1
LOW Monitor

A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Mozilla Information Disclosure Race Condition +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

There is a race condition vulnerability in eCNS280_TD V100R005C00 and V100R005C10. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Race Condition Ecns280 Td Firmware
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In wrapUserThread of AudioStream.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Denial Of Service Privilege Escalation +2
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In decrypt of CryptoPlugin.cpp, there is a possible use-after-free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Privilege Escalation Race Condition +1
NVD
EPSS 1% CVSS 8.1
HIGH POC This Week

The Autoptimize WordPress plugin before 2.7.8 attempts to remove potential malicious files from the extracted archive uploaded via the 'Import Settings' feature, however this is not sufficient to. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

WordPress Race Condition Authentication Bypass +1
NVD WPScan
EPSS 0% CVSS 7.0
HIGH This Week

In memory management driver, there is a possible memory corruption due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In memory management driver, there is a possible memory corruption due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0).

Google Denial Of Service Privilege Escalation +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Denial Of Service Privilege Escalation +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In various functions of DrmPlugin.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0).

Google Denial Of Service Privilege Escalation +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In FindOrCreatePeer of btif_av.cc, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0).

Google Denial Of Service Privilege Escalation +2
NVD
EPSS 0% CVSS 6.4
MEDIUM KEV THREAT This Month

A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is compromised. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Authentication Bypass Android
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.0). No vendor patch available.

Qualcomm Denial Of Service Race Condition +90
NVD
EPSS 7% CVSS 8.5
HIGH PATCH This Week

runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.

Microsoft Path Traversal Race Condition +2
NVD GitHub
EPSS 1% CVSS 4.4
MEDIUM This Month

An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6.6.1. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Race Condition Couchbase Server
NVD
EPSS 2% CVSS 5.9
MEDIUM This Month

An issue was discovered in Prosody before 0.11.9. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Race Condition Prosody +2
NVD
EPSS 1% CVSS 7.0
HIGH POC PATCH This Week

net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. Rated high severity (CVSS 7.0). Public exploit code available.

Linux Information Disclosure Race Condition +11
NVD GitHub
EPSS 1% CVSS 6.3
MEDIUM POC This Month

Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. Rated medium severity (CVSS 6.3). Public exploit code available and no vendor patch available.

Information Disclosure Race Condition Exim
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

On PTX Series and QFX10k Series devices with the "inline-jflow" feature enabled, a use after free weakness in the Packet Forwarding Engine (PFE) microkernel architecture of Juniper Networks Junos OS. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Race Condition Juniper +1
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A vulnerability in the forwarding of transit TCPv6 packets received on the Ethernet management interface of Juniper Networks Junos OS allows an attacker to trigger a kernel panic, leading to a Denial. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Race Condition Juniper +1
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

A Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization) vulnerability in the firewall process (dfwd) of Juniper Networks Junos OS allows an attacker to bypass the. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Race Condition Juniper +1
NVD
EPSS 1% CVSS 7.4
HIGH This Week

A signal handler race condition exists in the Layer 2 Address Learning Daemon (L2ALD) of Juniper Networks Junos OS due to the absence of a specific protection mechanism to avoid a race condition. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Race Condition Juniper +1
NVD
EPSS 0% CVSS 7.0
HIGH POC PATCH This Week

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. Rated high severity (CVSS 7.0). Public exploit code available.

Linux Privilege Escalation Race Condition +15
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In several functions of ScreenshotHelper.java and related files, there is a possible incorrectly saved screenshot due to a race condition. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required.

Google Information Disclosure Race Condition +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In ClearPullerCacheIfNecessary and ForceClearPullerCache of StatsPullerManager.cpp, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.0).

Google Privilege Escalation Race Condition +1
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with additional validation. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +2
NVD
EPSS 31% CVSS 5.9
MEDIUM POC PATCH THREAT This Month

A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Race Condition Aruba +2
NVD Exploit-DB
Prev Page 14 of 21 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy