Skip to main content

Race Condition

web MEDIUM

Race conditions occur when multiple concurrent requests exploit the brief time gap between checking a condition and acting upon it (TOCTOU - Time of Check, Time of Use).

How It Works

Race conditions occur when multiple concurrent requests exploit the brief time gap between checking a condition and acting upon it (TOCTOU - Time of Check, Time of Use). An attacker sends nearly simultaneous requests to manipulate shared state before the application can enforce its business logic. For example, when redeeming a gift voucher, Request A checks the balance, Request B also checks while A is processing, then both complete successfully—redeeming the voucher twice.

Attackers use specialized techniques to achieve precise timing. HTTP/2's multiplexing allows 20-30 requests in a single TCP packet, arriving virtually simultaneously at the server. For HTTP/1.1, "last-byte synchronization" holds back the final byte of multiple requests, then releases them together. These methods reduce network jitter to microseconds, maximizing collision probability.

Advanced attacks include multi-endpoint collisions (hitting different API paths that share state), exploiting partial object construction (accessing resources before initialization completes), and single-endpoint confusion (causing a function to process stale state by overwhelming it with requests).

Impact

  • Financial fraud: Redeeming coupons multiple times, withdrawing beyond account balance, applying discounts repeatedly
  • Authentication bypass: Reusing CAPTCHA tokens, bypassing rate limits on login attempts, exploiting session validation gaps
  • Resource exhaustion: Claiming limited inventory multiple times, booking the same seat/room concurrently
  • Data corruption: Simultaneous writes creating inconsistent database states, inventory counts becoming negative
  • Access control violations: Exploiting privilege checks to access unauthorized resources during state transitions

Real-World Examples

In 2019, security researchers demonstrated race conditions in major e-commerce platforms allowing users to purchase items at massive discounts by applying the same promotional code dozens of times within milliseconds. The applications checked voucher validity but didn't atomically mark them as used.

TOCTOU vulnerabilities have been found in cryptocurrency exchanges where concurrent withdrawal requests could drain more funds than an account held. Attackers automated HTTP/2 packet timing to submit multiple withdrawal requests before the balance update propagated, essentially duplicating money.

File upload race conditions have enabled remote code execution when attackers upload malicious files and execute them before security scanners complete validation-the check happens, but the file runs before removal.

Mitigation

  • Database transactions with row-level locking: Wrap check-and-update logic in ACID transactions with SELECT FOR UPDATE
  • Idempotency keys: Require unique request identifiers; reject duplicates within a time window
  • Uniqueness constraints: Database-level UNIQUE constraints on critical fields (voucher redemptions, order IDs)
  • Atomic operations: Use database built-ins like DECREMENT with bounds checking, compare-and-swap primitives
  • Application-level mutexes: Distributed locks (Redis, memcached) around critical sections, ensuring single execution
  • Rate limiting per resource: Throttle requests per user AND per target resource (not just per IP)
  • Sequence validation: Check monotonically increasing counters or nonces to detect concurrent modification

Recent CVEs (1817)

EPSS 0% CVSS 2.5
LOW POC Monitor

The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is. Rated low severity (CVSS 2.5). Public exploit code available and no vendor patch available.

Authentication Bypass Race Condition Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM POC PATCH This Month

The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus. Rated medium severity (CVSS 4.7). Public exploit code available.

Authentication Bypass Race Condition Linux +1
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Race Condition Buffer Overflow Linux Kernel +1
NVD
EPSS 18% CVSS 7.5
HIGH PATCH This Week

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Authentication Bypass Race Condition Apache +13
NVD
EPSS 1% CVSS 8.1
HIGH POC PATCH This Week

An issue was discovered in webargs before 5.1.3, as used with marshmallow and other products. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Webargs
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

In bta_hl_sdp_query_results of bta_hl_main.cc, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Google +1
NVD
EPSS 17% CVSS 8.1
HIGH POC PATCH THREAT This Week

In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Race Condition Linux Information Disclosure +24
NVD GitHub Exploit-DB
EPSS 1% CVSS 8.1
HIGH POC This Week

An issue was discovered in Metinfo 6.x. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition RCE PHP +1
NVD GitHub
EPSS 0% CVSS 7.0
HIGH This Week

Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a (bind) mount via rename() which could result in local privilege escalation. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Privilege Escalation Debian +2
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. Rated medium severity (CVSS 6.7).

Authentication Bypass Race Condition Polkit +8
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Race Condition Information Disclosure Elastic +1
NVD
EPSS 1% CVSS 8.1
HIGH This Week

In Veraport G3 ALL on MacOS, a race condition when calling the Veraport API allow remote attacker to cause arbitrary file download and execution. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Apple +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Qemu +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. Rated high severity (CVSS 7.8).

Race Condition RCE Path Traversal +3
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In easelcomm_hw_build_scatterlist, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Buffer Overflow +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Apple +2
NVD
EPSS 3% CVSS 6.6
MEDIUM POC This Month

A Race condition vulnerability in unzip_file in admin/import/class-import-settings.php in the Yoast SEO (wordpress-seo) plugin before 9.2.0 for WordPress allows an SEO Manager to perform command. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Race Condition WordPress Information Disclosure +2
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0).

Race Condition Privilege Escalation Denial Of Service +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Google +5
NVD
EPSS 1% CVSS 7.0
HIGH POC PATCH This Week

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Rated high severity (CVSS 7.0). Public exploit code available.

Race Condition Information Disclosure Ubuntu Linux +1
NVD GitHub Exploit-DB
EPSS 3% CVSS 8.1
HIGH POC This Week

In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Linux +9
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A remote unauthorized disclosure of information vulnerability was identified in HPE Service Governance Framework (SGF) version 4.2, 4.3. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Authentication Bypass Service Governance Framework
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause the device to crash, leading to a denial of service (DoS). Rated medium severity (CVSS 6.1), this vulnerability is no authentication required. No vendor patch available.

Race Condition Cisco Denial Of Service +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux +9
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

In some Lenovo IdeaPad consumer notebook models, a race condition in the BIOS flash device locking mechanism is not adequately protected against, potentially allowing an attacker with administrator. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Information Disclosure Lenovo +68
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, LUT configuration is passed down to driver from userspace via ioctl. Rated high severity (CVSS 7.0).

Google Information Disclosure Linux +3
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Gitolite before 3.6.9 does not (in certain configurations involving @all or a regex) properly restrict access to a Git repository that is in the process of being migrated until the full set of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Race Condition Information Disclosure Gitolite
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM POC This Month

GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users to cause a denial of service (Race Condition and BSoD on Windows) by not checking that user-mode memory is available. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Race Condition Microsoft Denial Of Service +1
NVD GitHub
EPSS 99% CVSS 5.3
MEDIUM POC PATCH THREAT This Month

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Race Condition Information Disclosure SSH +22
NVD GitHub Exploit-DB
EPSS 12% CVSS 5.9
MEDIUM PATCH This Month

If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition existed that could result in a user seeing a response intended for. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Apache Information Disclosure +2
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Rated high severity (CVSS 7.0).

Google Denial Of Service Linux +4
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Due to a race condition in the MDSS MDP driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a Use. Rated high severity (CVSS 7.0).

Google Denial Of Service Linux +3
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A race condition exists in a driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-05-05 potentially. Rated high severity (CVSS 7.0). No vendor patch available.

Google Information Disclosure Linux +3
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Due to a race condition in a camera driver ioctl handler in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05,. Rated high severity (CVSS 7.0). No vendor patch available.

Google Denial Of Service Linux +3
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Time-of-check to time-of-use (TOCTOU) race condition in org.onosproject.acl (aka the access control application) in ONOS v1.13 and earlier allows attackers to bypass network access control via data. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Race Condition Authentication Bypass Onos
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

CVE-2018-8025 describes an issue in Apache HBase that affects the optional "Thrift 1" API server when running over HTTP. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Atlassian Apache +2
NVD
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 4.17.2. Rated medium severity (CVSS 6.3).

Race Condition Denial Of Service Linux +1
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM This Month

Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Information Disclosure Endpoint Protection
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passenger_instance_registry_dir with insufficiently. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Privilege Escalation Nginx +2
NVD
EPSS 2% CVSS 5.9
MEDIUM PATCH This Month

389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Denial Of Service 389 Directory Server +8
NVD
EPSS 1% CVSS 3.7
LOW PATCH Monitor

private_address_check ruby gem before 0.5.0 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition due to the address the socket uses not being checked. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Private Address Check
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Due to a race condition in the QTEECOM driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, when more than one HLOS client loads the same. Rated high severity (CVSS 7.0).

Google Denial Of Service Linux +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a. Rated high severity (CVSS 7.0).

Race Condition Denial Of Service Linux +3
NVD
EPSS 7% CVSS 5.9
MEDIUM PATCH This Month

In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Denial Of Service Linux +1
NVD GitHub
EPSS 4% CVSS 7.0
HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Race Condition Nvidia RCE +2
NVD Exploit-DB
EPSS 1% CVSS 7.0
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +1
NVD
EPSS 12% CVSS 7.5
HIGH POC THREAT This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Microsoft RCE +7
NVD Exploit-DB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

A race condition in drm_atomic_nonblocking_commit() in the display driver can potentially lead to a Use After Free scenario in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Google Denial Of Service Linux +3
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Trend Micro Privilege Escalation +4
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

An issue was discovered in Joomla!. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Joomla
NVD
EPSS 19% CVSS 7.8
HIGH POC PATCH THREAT Act Now

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Privilege Escalation Linux +14
NVD GitHub Exploit-DB
EPSS 0% CVSS 5.9
MEDIUM This Month

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, due to a race condition, a Use After. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Denial Of Service Linux +4
NVD
EPSS 2% CVSS 7.0
HIGH POC This Week

Johnathan Nightingale beep through 1.3.4, if setuid, has a race condition that allows local privilege escalation. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Privilege Escalation Beep +1
NVD Exploit-DB
EPSS 1% CVSS 7.0
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +4
NVD
EPSS 1% CVSS 7.0
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +4
NVD
EPSS 1% CVSS 7.0
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +3
NVD
EPSS 1% CVSS 7.0
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +4
NVD
EPSS 1% CVSS 7.0
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +2
NVD
EPSS 1% CVSS 7.0
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +4
NVD
EPSS 1% CVSS 7.0
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +2
NVD
EPSS 1% CVSS 7.0
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +1
NVD
EPSS 1% CVSS 7.0
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +2
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Authentication Bypass Apple +4
NVD
EPSS 0% CVSS 7.0
HIGH This Week

screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Authentication Bypass Screen Resolution Extra +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in diag_ioctl_lsm_deinit() leads to a Use After Free condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Denial Of Service Linux +3
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A remote code execution issue was discovered in GLPI through 9.2.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition RCE PHP +1
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Race Condition Denial Of Service Libvips +1
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux +3
NVD
EPSS 1% CVSS 7.0
HIGH POC This Week

An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Microsoft RCE +5
NVD GitHub
EPSS 0% CVSS 7.0
HIGH This Week

Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might allow local users to overwrite arbitrary files or have unspecified other impact by creating files in advance or winning a race. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition RCE Leptonica
NVD
EPSS 7% CVSS 5.9
MEDIUM PATCH This Month

In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Denial Of Service Systemd +10
NVD
EPSS 4% CVSS 5.9
MEDIUM POC This Month

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Denial Of Service Linux +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Race Condition Denial Of Service Linux +6
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Information Disclosure Big Ip Local Traffic Manager +9
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to. Rated high severity (CVSS 7.0).

Race Condition Linux Information Disclosure +1
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the GLink kernel driver, a Use After Free condition can. Rated high severity (CVSS 7.0).

Denial Of Service Linux Google +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the camera driver, the function "msm_ois_power_down" is called without a mutex and a. Rated high severity (CVSS 7.0).

Linux Google Race Condition +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a Camera driver can lead to a Use After Free condition. Rated high severity (CVSS 7.0).

Denial Of Service Linux Google +3
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a camera driver function, a race condition exists which can lead to a Use After Free. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Linux Google +3
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a KGSL driver function, a race condition exists which can lead to a Use After Free. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Linux Google +3
NVD
EPSS 0% CVSS 8.5
HIGH This Week

It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Authentication Bypass Bitbucket Auto Unapprove Plugin
NVD
EPSS 8% CVSS 7.0
HIGH POC This Week

The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Linux Information Disclosure +1
NVD Exploit-DB
EPSS 0% CVSS 4.7
MEDIUM This Month

Audio driver in P9 smartphones with software The versions before EVA-AL10C00B389 has a denial of service (DoS) vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Race Condition P9 Firmware
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, missing race condition protection while updating msg mask table can lead to buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Linux Google Race Condition +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the function audio_effects_shared_ioctl(), memory corruption. Rated high severity (CVSS 7.0).

Linux Buffer Overflow Google +3
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An exploitable vulnerability exists in the signature verification of the firmware update functionality of Circle with Disney. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Race Condition Circle With Disney Firmware
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.1, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Race Condition Hashicorp VMware +2
NVD Exploit-DB
EPSS 0% CVSS 7.0
HIGH POC This Week

In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Hashicorp VMware +2
NVD Exploit-DB
EPSS 0% CVSS 7.5
HIGH This Week

Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Race Condition Microsoft +5
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A race condition in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Race Condition Microsoft +5
NVD
Prev Page 17 of 21 Next

Quick Facts

Typical Severity
MEDIUM
Category
web
Total CVEs
1817

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy