Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
CWE
:
Topic
Date
Author
Med.
Razer Synapse Race Condition / DLL Hijacking
18.09.2023
Dr. Oliver Schwarz
Med.
Linux 6.4 Use-After-Free / Race Condition
04.09.2023
Jann Horn
High
snap-confine must_mkdir_and_open_with_perms() Race Condition
09.12.2022
Qualys Security Adviso...
Med.
Linux unmap_mapping_range() Race Condition
31.08.2022
Jann Horn
Med.
Linux SO_PEERCRED / SO_PEERGROUPS Race Condition / Use-After-Free
18.11.2021
Jann Horn
High
Razer Chroma SDK Server 3.16.02 Race Condition Remote File Execution
26.11.2020
Loke Hui Yi
Med.
Linux expand_downwards() / munmap() Race Condition
15.09.2020
Jann Horn
High
Linux 5.6 IORING_OP_MADVISE Race Condition
11.05.2020
Jann Horn
High
XNU Missing Locking Race Condition
06.11.2019
Jann Horn
High
Apple Mac OS X Feedback Assistant Race Condition (Metasploit)
26.05.2019
timwr
Med.
Mac OS X Feedback Assistant Race Condition
22.05.2019
timwr
Med.
WebKitGTK+ ThreadedCompositor Race Condition
10.04.2019
Anonymouse
High
Synology Photo Station 6.8.2-3461 SYNOPHOTO_Flickr_MultiUpload Race Condition File Write Remote Code Execution
16.01.2018
mr_me
Med.
Check_MK 1.2.8p25 Information Disclosure
21.10.2017
Julien Ahrens
Med.
Apple PCIe Message Ring Protocol Race Conditions
24.09.2017
laginimaineb
High
Sudo get_process_ttyname() Race Condition
03.06.2017
Qualys
Med.
Android sec_ts Touchscreen Race Condition
19.01.2017
laginimaineb
Med.
Teradata Studio Express 15.12.00.00 Race Condition
20.11.2016
Larry W. Cashdollar
Med.
WordPress W3 Total Cache 0.9.4.1 Race Condition
12.11.2016
Sipke Mellema
High
Linux 4.6 Double-Fetch Race Condition / Buffer Overflow
06.07.2016
Pengfei Wang
Med.
IBM Installation Manager 1.8.1 Race Condition
12.11.2015
Larry W. Cashdollar
Med.
Linux PolicyKit Race Condition Privilege Escalation
19.10.2014
xi4oyu
Med.
Apache Scoreboard / Status Race Condition
22.07.2014
Marek Kroemeke
Low
SUNWbindr Race Condition
21.07.2012
Larry Cashdollar
High
Testtrack for Linux Race Condition
21.03.2012
Simon
Med.
PolicyKit Pwnage linux local privilege escalation on polkit-1 <= 0.101
10.10.2011
zx2c4
Med.
Ubuntu Linux \'mountall\' Local Privilege Escalation Vulnerability
23.09.2010
fuzz
Med.
Microsoft Windows nt!NtCreateThread Race Condition (MS10-047)
23.08.2010
Tavis Ormandy
Med.
Microsoft Windows nt!NtCreateThread Race Condition (MS10-047)
18.08.2010
Tavis Ormandy
Med.
Deliver 2.1.14 Multiple vulnerabilities
30.03.2010
Dan Rosenberg
High
Microsoft SMB Client Pool Overflow (MS10-006)
16.02.2010
Laurent Gaffi, Renaud...
High
linux kernel 2.6.25.15 fs: pipe.c null pointer dereference
06.11.2009
Eugene Teo eugene
Med.
RADactive I-Load Multiple Vulnerabilities
01.10.2009
Stefan Streichsbier
Med.
FreeBSD <= 6.1 kqueue() NULL pointer dereference
23.08.2009
Przemyslaw Frasunek
High
Linux kernel 2.6.18: do_coredump() vs ptrace_start() deadlock
07.07.2009
Eugene Teo
Med.
samba samba-client samba-server samba-swat Denial of Service
09.05.2009
rPath
Med.
Mac OS X xnu <=1228.x (vfssysctl) Local Kernel DoS PoC
05.04.2009
mu-b
Low
BSOD in Win 2k3, Vista x86 and x64 by nonpriviledged user
13.11.2008
support killprog com
Low
Move utrace into task_struct
02.07.2008
Alexey Dobriyan
CVEMAP Search Results
CVE
Details
Description
2024-04-19
CVE-2024-3979
Updating...
A vulnerability, which was classified as problematic, has been found in COVESA vsomeip up to 3.4.10. Affected by this issue is some unknown functionality. The manipulation leads to race condition. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-261596.
2024-03-21
CVE-2024-26307
Updating...
Possible race condition vulnerability in Apache Doris. Some of code using `chmod()` method. This method run the risk of someone renaming the file out from under user and chmodding the wrong file. This could theoretically happen, but the impact would be minimal. This issue affects Apache Doris: before 1.2.8, before 2.0.4. Users are recommended to upgrade to version 2.0.4, which fixes the issue.
2024-02-22
CVE-2024-26578
Updating...
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly submit multiple registrations using scripts, it can result in the creation of multiple user accounts simultaneously with the same name. Users are recommended to upgrade to version [1.2.5], which fixes the issue.
2024-01-31
CVE-2024-23651
Updating...
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host system being accessible to the build container. The issue has been fixed in v0.12.5. Workarounds include, avoiding using BuildKit frontend from an untrusted source or building an untrusted Dockerfile containing cache mounts with --mount=type=cache,source=... options.
2024-01-10
CVE-2023-49619
Updating...
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarked once. However, repeat submissions through the script can increase the number of collection of the question many times. Users are recommended to upgrade to version [1.2.1], which fixes the issue.
2023-12-23
CVE-2016-15036
Updating...
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Deis Workflow Manager up to 2.3.2. It has been classified as problematic. This affects an unknown part. The manipulation leads to race condition. The complexity of an attack is rather high. The exploitability is told to be difficult. Upgrading to version 2.3.3 is able to address this issue. The patch is named 31fe3bccbdde134a185752e53380330d16053f7f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-248847. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
2023-12-08
CVE-2023-48420
Updating...
there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
2023-07-28
CVE-2023-37904
Updating...
Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, more users than permitted could be created from invite links. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. As a workaround, use restrict to email address invites.
2023-07-04
CVE-2023-2010
Updating...
The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information. This leads to a Race Condition that may allow a single user to vote multiple times on a poll.
2023-04-17
CVE-2023-30543
Updating...
@web3-react is a framework for building Ethereum Apps . In affected versions the `chainId` may be outdated if the user changes chains as part of the connection flow. This means that the value of `chainId` returned by `useWeb3React()` may be incorrect. In an application, this means that any data derived from `chainId` could be incorrect. For example, if a swapping application derives a wrapped token contract address from the `chainId` *and* a user has changed chains as part of their connection flow the application could cause the user to send funds to the incorrect address when wrapping. This issue has been addressed in PR #749 and is available in updated npm artifacts. There are no known workarounds for this issue. Users are advised to upgrade.
Copyright
2024
, cxsecurity.com
Back to Top
