Skip to main content

Race Condition

web MEDIUM

Race conditions occur when multiple concurrent requests exploit the brief time gap between checking a condition and acting upon it (TOCTOU - Time of Check, Time of Use).

How It Works

Race conditions occur when multiple concurrent requests exploit the brief time gap between checking a condition and acting upon it (TOCTOU - Time of Check, Time of Use). An attacker sends nearly simultaneous requests to manipulate shared state before the application can enforce its business logic. For example, when redeeming a gift voucher, Request A checks the balance, Request B also checks while A is processing, then both complete successfully—redeeming the voucher twice.

Attackers use specialized techniques to achieve precise timing. HTTP/2's multiplexing allows 20-30 requests in a single TCP packet, arriving virtually simultaneously at the server. For HTTP/1.1, "last-byte synchronization" holds back the final byte of multiple requests, then releases them together. These methods reduce network jitter to microseconds, maximizing collision probability.

Advanced attacks include multi-endpoint collisions (hitting different API paths that share state), exploiting partial object construction (accessing resources before initialization completes), and single-endpoint confusion (causing a function to process stale state by overwhelming it with requests).

Impact

  • Financial fraud: Redeeming coupons multiple times, withdrawing beyond account balance, applying discounts repeatedly
  • Authentication bypass: Reusing CAPTCHA tokens, bypassing rate limits on login attempts, exploiting session validation gaps
  • Resource exhaustion: Claiming limited inventory multiple times, booking the same seat/room concurrently
  • Data corruption: Simultaneous writes creating inconsistent database states, inventory counts becoming negative
  • Access control violations: Exploiting privilege checks to access unauthorized resources during state transitions

Real-World Examples

In 2019, security researchers demonstrated race conditions in major e-commerce platforms allowing users to purchase items at massive discounts by applying the same promotional code dozens of times within milliseconds. The applications checked voucher validity but didn't atomically mark them as used.

TOCTOU vulnerabilities have been found in cryptocurrency exchanges where concurrent withdrawal requests could drain more funds than an account held. Attackers automated HTTP/2 packet timing to submit multiple withdrawal requests before the balance update propagated, essentially duplicating money.

File upload race conditions have enabled remote code execution when attackers upload malicious files and execute them before security scanners complete validation-the check happens, but the file runs before removal.

Mitigation

  • Database transactions with row-level locking: Wrap check-and-update logic in ACID transactions with SELECT FOR UPDATE
  • Idempotency keys: Require unique request identifiers; reject duplicates within a time window
  • Uniqueness constraints: Database-level UNIQUE constraints on critical fields (voucher redemptions, order IDs)
  • Atomic operations: Use database built-ins like DECREMENT with bounds checking, compare-and-swap primitives
  • Application-level mutexes: Distributed locks (Redis, memcached) around critical sections, ensuring single execution
  • Rate limiting per resource: Throttle requests per user AND per target resource (not just per IP)
  • Sequence validation: Check monotonically increasing counters or nonces to detect concurrent modification

Recent CVEs (1817)

EPSS 0% CVSS 4.1
MEDIUM PATCH This Month

In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. Rated medium severity (CVSS 4.1).

Google Information Disclosure Race Condition +1
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

In synchronous_process_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4).

Google Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Buffer Overflow Privilege Escalation +2
NVD
EPSS 1% CVSS 6.4
MEDIUM KEV THREAT This Month

In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Denial Of Service Privilege Escalation +4
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Race Condition +4
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Multiple vulnerabilities in the authentication mechanism of confd in FortiWeb versions 6.4.1, 6.4.0, 6.3.0 through 6.3.15, 6.2.0 through 6.2.6, 6.1.0 through 6.1.2, 6.0.0 thorugh 6.0.7, including an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Fortinet Race Condition Authentication Bypass +1
NVD
EPSS 1% CVSS 8.1
HIGH This Week

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Privilege Escalation Race Condition +3
NVD
EPSS 1% CVSS 7.4
HIGH This Week

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition +3
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

There is a Encoding timing vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of service. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Denial Of Service Race Condition +1
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to motionhub crash. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Denial Of Service Race Condition +1
NVD
EPSS 0% CVSS 3.7
LOW Monitor

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the detection result is tampered with. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling. Rated high severity (CVSS 7.0).

Information Disclosure Race Condition Tmate Ssh Server
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

An issue was discovered in GNU Hurd before 0.9 20210404-9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure Race Condition Hurd
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure Race Condition +2
NVD
EPSS 0% CVSS 3.1
LOW Monitor

A concurrent execution using shared resource with improper Synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated,. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Race Condition Fortiportal
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115. Rated high severity (CVSS 7.0). No vendor patch available.

Google Sophos Race Condition +2
NVD
EPSS 0% CVSS 3.7
LOW Monitor

There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition +2
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition +2
NVD
EPSS 7% CVSS 8.1
HIGH PATCH This Week

In RW_SetActivatedTagType of rw_main.cc, there is possible memory corruption due to a race condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Google Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing of not thread-safe objects. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In multiple methods of AAudioService, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Privilege Escalation Race Condition +1
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

On PTX1000 System, PTX10002-60C System, after upgrading to an affected release, a Race Condition vulnerability between the chassis daemon (chassisd) and firewall process (dfwd) of Juniper Networks. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Race Condition Juniper +1
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

An Improper Check for Unusual or Exceptional Conditions vulnerability combined with a Race Condition in the flow daemon (flowd) of Juniper Networks Junos OS on SRX300 Series, SRX500 Series, SRX1500,. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Race Condition Juniper +1
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A Race Condition in the 'show chassis pic' command in Juniper Networks Junos OS Evolved may allow an attacker to crash the port interface concentrator daemon (picd) process on the FPC, if the command. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Race Condition Juniper +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The Rest API component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Race Condition +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. Rated high severity (CVSS 7.0).

Google Privilege Escalation Race Condition +1
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free scenario in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables. Rated medium severity (CVSS 6.4).

Qualcomm Denial Of Service Race Condition +38
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition +2
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with additional validation. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition +6
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

An issue was discovered in SaltStack Salt before 3003.3. Rated medium severity (CVSS 6.4).

Information Disclosure Race Condition Salt +1
NVD
EPSS 2% CVSS 5.9
MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Denial Of Service Race Condition +6
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. Rated high severity (CVSS 7.8). No vendor patch available.

Information Disclosure Race Condition Xen +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. Rated high severity (CVSS 7.0).

Linux Information Disclosure Race Condition +16
NVD
EPSS 0% CVSS 7.8
HIGH This Week

grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Xen +2
NVD
EPSS 4% CVSS 7.5
HIGH POC This Week

Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Google Information Disclosure Race Condition +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition +1
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +3
NVD
EPSS 2% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition +6
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple RCE Race Condition +8
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition +2
NVD
EPSS 5% CVSS 7.0
HIGH POC This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +5
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +1
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +3
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +2
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +1
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +6
NVD
EPSS 1% CVSS 8.1
HIGH POC This Week

A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Mozilla Buffer Overflow Race Condition +3
NVD
EPSS 0% CVSS 6.4
MEDIUM POC PATCH This Month

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call. Rated medium severity (CVSS 6.4). Public exploit code available.

Linux Denial Of Service Race Condition +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Race Condition Cpanel
NVD
EPSS 1% CVSS 5.9
MEDIUM POC PATCH This Month

An issue was discovered in the tokio crate before 1.8.1 for Rust. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Race Condition Tokio
NVD
EPSS 3% CVSS 5.9
MEDIUM PATCH This Month

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Race Condition Go +4
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Race Condition Crossbeam +1
NVD GitHub
EPSS 1% CVSS 8.1
HIGH This Week

There is an Incomplete Cleanup Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Race Condition Authentication Bypass +2
NVD
EPSS 1% CVSS 8.1
HIGH This Week

There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Huawei Race Condition +3
NVD
EPSS 1% CVSS 8.1
HIGH This Week

There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition +3
NVD
EPSS 2% CVSS 5.9
MEDIUM PATCH This Month

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Race Condition Pjsip +1
NVD GitHub
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Race Condition +3
NVD
EPSS 1% CVSS 8.1
HIGH This Week

In several functions of the V8 library, there is a possible use after free due to a race condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google RCE Denial Of Service +2
NVD
EPSS 0% CVSS 4.1
MEDIUM This Month

There is a multiple threads race condition vulnerability in Huawei product. Rated medium severity (CVSS 4.1). No vendor patch available.

Huawei Denial Of Service Race Condition +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Race Condition Fl Switch Smcs 16Tx Firmware +14
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Code Injection Race Condition Bluetooth Core Specification
NVD
EPSS 1% CVSS 7.5
HIGH This Week

When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google RCE Race Condition +2
NVD
EPSS 0% CVSS 2.5
LOW POC Monitor

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. Rated low severity (CVSS 2.5). Public exploit code available and no vendor patch available.

Mozilla Information Disclosure Race Condition +1
NVD
EPSS 1% CVSS 3.1
LOW Monitor

A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Mozilla Information Disclosure Race Condition +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

There is a race condition vulnerability in eCNS280_TD V100R005C00 and V100R005C10. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Race Condition Ecns280 Td Firmware
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In wrapUserThread of AudioStream.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Denial Of Service Privilege Escalation +2
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In decrypt of CryptoPlugin.cpp, there is a possible use-after-free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Privilege Escalation Race Condition +1
NVD
EPSS 1% CVSS 8.1
HIGH POC This Week

The Autoptimize WordPress plugin before 2.7.8 attempts to remove potential malicious files from the extracted archive uploaded via the 'Import Settings' feature, however this is not sufficient to. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

WordPress Race Condition Authentication Bypass +1
NVD WPScan
EPSS 0% CVSS 7.0
HIGH This Week

In memory management driver, there is a possible memory corruption due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In memory management driver, there is a possible memory corruption due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0).

Google Denial Of Service Privilege Escalation +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Denial Of Service Privilege Escalation +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In various functions of DrmPlugin.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0).

Google Denial Of Service Privilege Escalation +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In FindOrCreatePeer of btif_av.cc, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0).

Google Denial Of Service Privilege Escalation +2
NVD
EPSS 0% CVSS 6.4
MEDIUM KEV THREAT This Month

A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is compromised. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Authentication Bypass Android
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.0). No vendor patch available.

Qualcomm Denial Of Service Race Condition +90
NVD
EPSS 7% CVSS 8.5
HIGH PATCH This Week

runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.

Microsoft Path Traversal Race Condition +2
NVD GitHub
EPSS 1% CVSS 4.4
MEDIUM This Month

An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6.6.1. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Race Condition Couchbase Server
NVD
EPSS 2% CVSS 5.9
MEDIUM This Month

An issue was discovered in Prosody before 0.11.9. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Race Condition Prosody +2
NVD
EPSS 1% CVSS 7.0
HIGH POC PATCH This Week

net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. Rated high severity (CVSS 7.0). Public exploit code available.

Linux Information Disclosure Race Condition +11
NVD GitHub
EPSS 1% CVSS 6.3
MEDIUM POC This Month

Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. Rated medium severity (CVSS 6.3). Public exploit code available and no vendor patch available.

Information Disclosure Race Condition Exim
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

On PTX Series and QFX10k Series devices with the "inline-jflow" feature enabled, a use after free weakness in the Packet Forwarding Engine (PFE) microkernel architecture of Juniper Networks Junos OS. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Race Condition Juniper +1
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A vulnerability in the forwarding of transit TCPv6 packets received on the Ethernet management interface of Juniper Networks Junos OS allows an attacker to trigger a kernel panic, leading to a Denial. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Race Condition Juniper +1
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

A Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization) vulnerability in the firewall process (dfwd) of Juniper Networks Junos OS allows an attacker to bypass the. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Race Condition Juniper +1
NVD
EPSS 1% CVSS 7.4
HIGH This Week

A signal handler race condition exists in the Layer 2 Address Learning Daemon (L2ALD) of Juniper Networks Junos OS due to the absence of a specific protection mechanism to avoid a race condition. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Race Condition Juniper +1
NVD
EPSS 0% CVSS 7.0
HIGH POC PATCH This Week

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. Rated high severity (CVSS 7.0). Public exploit code available.

Linux Privilege Escalation Race Condition +15
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In several functions of ScreenshotHelper.java and related files, there is a possible incorrectly saved screenshot due to a race condition. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required.

Google Information Disclosure Race Condition +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In ClearPullerCacheIfNecessary and ForceClearPullerCache of StatsPullerManager.cpp, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.0).

Google Privilege Escalation Race Condition +1
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition was addressed with additional validation. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition +2
NVD
Prev Page 14 of 21 Next

Quick Facts

Typical Severity
MEDIUM
Category
web
Total CVEs
1817

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy