Skip to main content

Race Condition

web MEDIUM

Race conditions occur when multiple concurrent requests exploit the brief time gap between checking a condition and acting upon it (TOCTOU - Time of Check, Time of Use).

How It Works

Race conditions occur when multiple concurrent requests exploit the brief time gap between checking a condition and acting upon it (TOCTOU - Time of Check, Time of Use). An attacker sends nearly simultaneous requests to manipulate shared state before the application can enforce its business logic. For example, when redeeming a gift voucher, Request A checks the balance, Request B also checks while A is processing, then both complete successfully—redeeming the voucher twice.

Attackers use specialized techniques to achieve precise timing. HTTP/2's multiplexing allows 20-30 requests in a single TCP packet, arriving virtually simultaneously at the server. For HTTP/1.1, "last-byte synchronization" holds back the final byte of multiple requests, then releases them together. These methods reduce network jitter to microseconds, maximizing collision probability.

Advanced attacks include multi-endpoint collisions (hitting different API paths that share state), exploiting partial object construction (accessing resources before initialization completes), and single-endpoint confusion (causing a function to process stale state by overwhelming it with requests).

Impact

  • Financial fraud: Redeeming coupons multiple times, withdrawing beyond account balance, applying discounts repeatedly
  • Authentication bypass: Reusing CAPTCHA tokens, bypassing rate limits on login attempts, exploiting session validation gaps
  • Resource exhaustion: Claiming limited inventory multiple times, booking the same seat/room concurrently
  • Data corruption: Simultaneous writes creating inconsistent database states, inventory counts becoming negative
  • Access control violations: Exploiting privilege checks to access unauthorized resources during state transitions

Real-World Examples

In 2019, security researchers demonstrated race conditions in major e-commerce platforms allowing users to purchase items at massive discounts by applying the same promotional code dozens of times within milliseconds. The applications checked voucher validity but didn't atomically mark them as used.

TOCTOU vulnerabilities have been found in cryptocurrency exchanges where concurrent withdrawal requests could drain more funds than an account held. Attackers automated HTTP/2 packet timing to submit multiple withdrawal requests before the balance update propagated, essentially duplicating money.

File upload race conditions have enabled remote code execution when attackers upload malicious files and execute them before security scanners complete validation-the check happens, but the file runs before removal.

Mitigation

  • Database transactions with row-level locking: Wrap check-and-update logic in ACID transactions with SELECT FOR UPDATE
  • Idempotency keys: Require unique request identifiers; reject duplicates within a time window
  • Uniqueness constraints: Database-level UNIQUE constraints on critical fields (voucher redemptions, order IDs)
  • Atomic operations: Use database built-ins like DECREMENT with bounds checking, compare-and-swap primitives
  • Application-level mutexes: Distributed locks (Redis, memcached) around critical sections, ensuring single execution
  • Rate limiting per resource: Throttle requests per user AND per target resource (not just per IP)
  • Sequence validation: Check monotonically increasing counters or nonces to detect concurrent modification

Recent CVEs (1817)

EPSS 8% CVSS 8.1
HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow RCE +4
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Race Condition Linux Information Disclosure +1
NVD GitHub Exploit-DB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry. Rated high severity (CVSS 7.8).

RCE Race Condition Xen
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted. Rated high severity (CVSS 7.0).

Denial Of Service Race Condition Linux +1
NVD GitHub
EPSS 3% CVSS 6.7
MEDIUM POC PATCH This Month

The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available.

Race Condition Microsoft Authentication Bypass +2
NVD Exploit-DB
EPSS 0% CVSS 7.0
HIGH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while reading command. Rated high severity (CVSS 7.0). No vendor patch available.

Linux Google Race Condition +3
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Sudo
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to. Rated medium severity (CVSS 5.6).

Race Condition Information Disclosure Qemu
NVD
EPSS 83% 5.4 CVSS 7.0
HIGH POC PATCH THREAT Act Now

Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. Rated high severity (CVSS 7.0). Public exploit code available and EPSS exploitation probability 82.9%.

Buffer Overflow Race Condition Linux +1
NVD GitHub Exploit-DB
EPSS 0% CVSS 5.3
MEDIUM This Month

Race condition in Blizzard Overwatch 1.15.0.2 allows remote authenticated users to cause a denial of service (season bans and SR losses for other users) by leaving a competitive match at a specific. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Race Condition Overwatch
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

fts.c in coreutils 8.4 allows local users to delete arbitrary files. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required. No vendor patch available.

Race Condition Information Disclosure Coreutils
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

flower.initd in the Gentoo dev-python/flower package before 0.9.1-r1 for Celery Flower sets PID file ownership to a non-root account, which might allow local users to kill arbitrary processes by. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Race Condition Python Information Disclosure +1
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Race Condition Linux +4
NVD
EPSS 17% CVSS 8.1
HIGH PATCH Act Now

The Windows NetBT Session Services component on Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.8%.

RCE Race Condition Microsoft +7
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. Rated medium severity (CVSS 5.6).

Denial Of Service Race Condition Xen
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A elevation of privilege vulnerability in the Upstream kernel scsi driver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Race Condition Google Information Disclosure +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a. Rated high severity (CVSS 7.0).

Race Condition Linux Information Disclosure +1
NVD GitHub
EPSS 3% CVSS 8.1
HIGH POC PATCH This Week

Race condition in SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

RCE Race Condition Suitecrm
NVD GitHub
EPSS 5% CVSS 8.1
HIGH POC This Week

SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

RCE Race Condition Suitecrm
NVD GitHub
EPSS 0% CVSS 7.0
HIGH POC PATCH This Week

Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and. Rated high severity (CVSS 7.0). Public exploit code available.

Ubuntu Race Condition Information Disclosure +1
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the. Rated high severity (CVSS 7.8).

Denial Of Service Race Condition Xen +2
NVD
EPSS 0% CVSS 8.1
HIGH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to a Use After Free condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Linux Google +3
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a Use After Free condition. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Linux Google +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Linux Google Qualcomm +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Linux Google Qualcomm +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver which can lead to a double free. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Linux Google Qualcomm +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, in some memory allocation and free functions, a race condition can potentially occur leading to a Use After Free. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Denial Of Service Linux Google +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing the sde_rotator debug interface for register reading with multiple processes, one process can free the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Linux Google Qualcomm +3
NVD
EPSS 0% CVSS 8.1
HIGH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, there is a TOCTOU race condition in Secure UI. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Linux Google Qualcomm +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A elevation of privilege vulnerability in the Android media framework (libgui). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Race Condition Google Information Disclosure +1
NVD
EPSS 9% CVSS 7.0
HIGH POC PATCH This Week

Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that. Rated high severity (CVSS 7.0). Public exploit code available.

Buffer Overflow Denial Of Service Race Condition +2
NVD GitHub Exploit-DB
EPSS 0% CVSS 7.0
HIGH POC This Week

Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Google Samsung +2
NVD Exploit-DB
EPSS 0% CVSS 6.7
MEDIUM This Month

VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Rated medium severity (CVSS 6.7). No vendor patch available.

Race Condition VMware Privilege Escalation +1
NVD
EPSS 0% CVSS 7.0
HIGH POC This Week

aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Arts +1
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

yadm (yet another dotfile manager) 1.10.0 has a race condition (related to the behavior of git commands in setting permissions for new files and directories), which potentially allows access to SSH. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Yadm
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM This Month

/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Information Disclosure Openldap Servers
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Information Disclosure Authd
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Race Condition Red Hat Information Disclosure +1
NVD
EPSS 1% CVSS 7.0
HIGH This Week

Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by. Rated high severity (CVSS 7.0). No vendor patch available.

RCE Race Condition Google +1
NVD
EPSS 0% CVSS 9.0
CRITICAL Act Now

The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Xen
NVD
EPSS 1% CVSS 8.1
HIGH This Week

The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Race Condition Xen
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

In all Android releases from CAF using the Linux kernel, a race condition exists in a QTEE driver potentially leading to an arbitrary memory write. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Google Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In all Android releases from CAF using the Linux kernel, a race condition potentially exists in the ioctl handler of a sound driver. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Race Condition Google Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In all Android releases from CAF using the Linux kernel, time-of-check Time-of-use (TOCTOU) Race Conditions exist in several TZ APIs. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition Google Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In all Android releases from CAF using the Linux kernel, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists in Secure Display. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition Google Linux +2
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Race conditions in opa-fm before 10.4.0.0.196 and opa-ff before 10.4.0.0.197. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Opa Ff +1
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In TrustZone in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Race Condition Google Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In the Embedded File System in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Race Condition Google Linux +2
NVD
EPSS 20% CVSS 6.4
MEDIUM POC THREAT This Month

Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution. Rated medium severity (CVSS 6.4). Public exploit code available and EPSS exploitation probability 19.9%.

Race Condition Information Disclosure Sudo
NVD Exploit-DB
EPSS 1% CVSS 5.9
MEDIUM This Month

Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Ubuntu Linux +1
NVD
EPSS 2% CVSS 7.0
HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

RCE Race Condition Apple +4
NVD Exploit-DB
EPSS 2% CVSS 7.0
HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

RCE Race Condition Apple +1
NVD Exploit-DB
EPSS 2% CVSS 7.0
HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

RCE Race Condition Apple +4
NVD Exploit-DB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

A time-of-check time-of-use race condition could potentially exist in the secure file system in all Android releases from CAF using the Linux kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Race Condition Google Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Race Condition Google Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Race Condition Google Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Race Condition Google Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at. Rated high severity (CVSS 7.0). No vendor patch available.

Buffer Overflow Race Condition Google +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) where user can trigger a race condition due to lack of synchronization in two. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Microsoft +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Information Disclosure Big Ip Local Traffic Manager +9
NVD
EPSS 1% CVSS 8.1
HIGH POC PATCH This Week

Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Race Condition Information Disclosure Radicale
NVD GitHub
EPSS 0% CVSS 8.1
HIGH This Week

Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Race Condition Microsoft +6
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Race Condition Information Disclosure Pulp
NVD
EPSS 0% CVSS 7.0
HIGH This Week

An elevation of privilege vulnerability in the Qualcomm Seemp driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Qualcomm RCE Race Condition +2
NVD
EPSS 1% CVSS 8.1
HIGH This Week

The _checkPolkitPrivilege function in serviceHelper.py in Back In Time (aka backintime) 1.1.18 and earlier uses a deprecated polkit authorization method (unix-process) that is subject to a race. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Backintime
NVD GitHub
EPSS 3% CVSS 7.0
HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

RCE Race Condition Apple +4
NVD Exploit-DB
EPSS 5% CVSS 7.0
HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

RCE Race Condition Apple +4
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Race Condition Apple +1
NVD
EPSS 21% 4.1 CVSS 10.0
CRITICAL POC THREAT Emergency

Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 21.2%.

Race Condition Privilege Escalation Qemu
NVD Exploit-DB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via. Rated high severity (CVSS 7.0).

Denial Of Service Race Condition Linux +1
NVD GitHub
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. Rated high severity (CVSS 7.0).

Denial Of Service Race Condition Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Privilege Escalation Netbackup +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a. Rated high severity (CVSS 7.0).

Denial Of Service Race Condition Linux +1
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Race Condition Linux Information Disclosure +1
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Race Condition Linux +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Race Condition Linux +2
NVD GitHub
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. Rated medium severity (CVSS 6.4).

Race Condition Information Disclosure Docker
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability. Rated high severity (CVSS 7.5). No vendor patch available.

Race Condition Information Disclosure Qemu +1
NVD VulDB
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Authentication Bypass Smack +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Race Condition Linux +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Race Condition Linux +1
NVD GitHub
EPSS 3% CVSS 7.0
HIGH POC PATCH This Week

Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server. Rated high severity (CVSS 7.0). Public exploit code available.

Race Condition Information Disclosure Oracle +4
NVD GitHub Exploit-DB
EPSS 35% 4.1 CVSS 7.8
HIGH POC PATCH THREAT Act Now

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 34.9%.

Denial Of Service Race Condition Linux +2
NVD GitHub Exploit-DB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Race Condition Linux +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Race Condition Linux +1
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Denial Of Service Race Condition Linux +1
NVD GitHub
EPSS 94% 7.2 CVSS 7.0
HIGH POC KEV PATCH THREAT Act Now

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a. Rated high severity (CVSS 7.0). Actively exploited in the wild (cisa kev) and public exploit code available.

Information Disclosure Race Condition Linux
NVD GitHub Exploit-DB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Race condition in providers/telephony/MmsProvider.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Race Condition Google Information Disclosure +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions. Rated high severity (CVSS 7.0).

Race Condition Denial Of Service Google +3
NVD
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks. Rated medium severity (CVSS 6.3).

Race Condition Information Disclosure Xen
NVD
Prev Page 18 of 21 Next

Quick Facts

Typical Severity
MEDIUM
Category
web
Total CVEs
1817

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy