Total
1828 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-2006 | 2 Linux, Netapp | 2 Linux Kernel, Hci Baseboard Management Controller | 2025-04-23 | N/A | 7.0 HIGH |
| A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel. | |||||
| CVE-2022-42770 | 2 Google, Unisoc | 14 Android, S8019, Sc7731e and 11 more | 2025-04-23 | N/A | 4.7 MEDIUM |
| In wlan driver, there is a race condition, This could lead to local denial of service in wlan services. | |||||
| CVE-2021-39660 | 1 Google | 1 Android | 2025-04-22 | N/A | 7.0 HIGH |
| In TBD of TBD, there is a possible way to archive arbitrary code execution in kernel due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-254742984 | |||||
| CVE-2022-42806 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-04-22 | N/A | 7.0 HIGH |
| A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-42803 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-04-22 | N/A | 7.0 HIGH |
| A race condition was addressed with improved locking. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2025-0439 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 6.5 MEDIUM |
| Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2022-42832 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-04-21 | N/A | 6.4 MEDIUM |
| A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-42831 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-04-21 | N/A | 6.4 MEDIUM |
| A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-46689 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-04-21 | N/A | 7.0 HIGH |
| A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-20567 | 1 Google | 1 Android | 2025-04-21 | N/A | 6.4 MEDIUM |
| In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-186777253References: Upstream kernel | |||||
| CVE-2017-14748 | 1 Blizzard | 1 Overwatch | 2025-04-20 | 3.5 LOW | 5.3 MEDIUM |
| Race condition in Blizzard Overwatch 1.15.0.2 allows remote authenticated users to cause a denial of service (season bans and SR losses for other users) by leaving a competitive match at a specific time during the initial loading of that match. | |||||
| CVE-2017-10914 | 1 Xen | 1 Xen | 2025-04-20 | 6.8 MEDIUM | 8.1 HIGH |
| The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2. | |||||
| CVE-2017-0727 | 1 Google | 1 Android | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| A elevation of privilege vulnerability in the Android media framework (libgui). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-33004354. | |||||
| CVE-2017-2421 | 1 Apple | 1 Mac Os X | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "AppleGraphicsPowerManagement" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
| CVE-2016-10027 | 2 Fedoraproject, Igniterealtime | 2 Fedora, Smack | 2025-04-20 | 4.3 MEDIUM | 5.9 MEDIUM |
| Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response. | |||||
| CVE-2017-0343 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-20 | 6.9 MEDIUM | 7.0 HIGH |
| All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) where user can trigger a race condition due to lack of synchronization in two functions leading to a denial of service or potential escalation of privileges. | |||||
| CVE-2016-9381 | 2 Citrix, Qemu | 2 Xenserver, Qemu | 2025-04-20 | 6.9 MEDIUM | 7.5 HIGH |
| Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability. | |||||
| CVE-2017-16857 | 1 Atlassian | 1 Bitbucket Auto Unapprove Plugin | 2025-04-20 | 6.0 MEDIUM | 8.5 HIGH |
| It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an attacker to merge any code into unsuspecting repositories. This affects all versions of the auto-unapprove plugin, however since the auto-unapprove plugin is not bundled with Bitbucket Server it does not affect any particular version of Bitbucket. | |||||
| CVE-2016-10297 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.0 HIGH |
| In TrustZone in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist. | |||||
| CVE-2016-4982 | 1 Teether | 1 Authd | 2025-04-20 | 1.9 LOW | 4.7 MEDIUM |
| authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it. | |||||