Total
1513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49706 | 1 Linotp | 2 Linotp, Virtual Appliance | 2024-02-28 | N/A | 6.8 MEDIUM |
| Defective request context handling in Self Service in LinOTP 3.x before 3.2.5 allows remote unauthenticated attackers to escalate privileges, thereby allowing them to act as and with the permissions of another user. Attackers must generate repeated API requests to trigger a race condition with concurrent user activity in the self-service portal. | |||||
| CVE-2024-22386 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 4.7 MEDIUM |
| A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. | |||||
| CVE-2023-41979 | 1 Apple | 1 Macos | 2024-02-28 | N/A | 4.7 MEDIUM |
| A race condition was addressed with improved locking. This issue is fixed in macOS Sonoma 14. An app may be able to modify protected parts of the file system. | |||||
| CVE-2023-3397 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 6.3 MEDIUM |
| A race condition occurred between the functions lmLogClose and txEnd in JFS, in the Linux Kernel, executed in different threads. This flaw allows a local attacker with normal user privileges to crash the system or leak internal kernel information. | |||||
| CVE-2023-4049 | 2 Debian, Mozilla | 3 Debian Linux, Firefox, Firefox Esr | 2024-02-28 | N/A | 5.9 MEDIUM |
| Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1. | |||||
| CVE-2023-34438 | 1 Intel | 142 Compute Element Stk2mv64cc, Compute Element Stk2mv64cc Firmware, Nuc Board Nuc7i3bnb and 139 more | 2024-02-28 | N/A | 7.8 HIGH |
| Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-21290 | 1 Google | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-41914 | 2 Fedoraproject, Schedmd | 2 Fedora, Slurm | 2024-02-28 | N/A | 7.0 HIGH |
| SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files. | |||||
| CVE-2023-3301 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2024-02-28 | N/A | 5.6 MEDIUM |
| A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service. | |||||
| CVE-2023-35645 | 1 Google | 1 Android | 2024-02-28 | N/A | 6.4 MEDIUM |
| In tbd of tbd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-20834 | 2 Google, Mediatek | 11 Android, Mt6879, Mt6886 and 8 more | 2024-02-28 | N/A | 6.4 MEDIUM |
| In pda, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608514; Issue ID: ALPS07608514. | |||||
| CVE-2023-20835 | 3 Google, Linuxfoundation, Mediatek | 9 Android, Yocto, Iot Yocto and 6 more | 2024-02-28 | N/A | 6.4 MEDIUM |
| In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07326570. | |||||
| CVE-2023-4732 | 2 Linux, Redhat | 10 Linux Kernel, Codeready Linux Builder, Codeready Linux Builder For Arm64 and 7 more | 2024-02-28 | N/A | 4.7 MEDIUM |
| A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x. | |||||
| CVE-2023-20827 | 2 Google, Mediatek | 32 Android, Mt6761, Mt6762 and 29 more | 2024-02-28 | N/A | 6.4 MEDIUM |
| In ims service, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937105; Issue ID: ALPS07937105. | |||||
| CVE-2023-38616 | 1 Apple | 1 Macos | 2024-02-28 | N/A | 7.0 HIGH |
| A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-41306 | 1 Huawei | 2 Emui, Harmonyos | 2024-02-28 | N/A | 3.7 LOW |
| Vulnerability of mutex management in the bone voice ID trusted application (TA) module. Successful exploitation of this vulnerability may cause the bone voice ID feature to be unavailable. | |||||
| CVE-2023-37904 | 1 Discourse | 1 Discourse | 2024-02-28 | N/A | 3.1 LOW |
| Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, more users than permitted could be created from invite links. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. As a workaround, use restrict to email address invites. | |||||
| CVE-2023-22276 | 1 Intel | 6 Ethernet Network Controller E810-cam1, Ethernet Network Controller E810-cam1 Firmware, Ethernet Network Controller E810-cam2 and 3 more | 2024-02-28 | N/A | 4.7 MEDIUM |
| Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2023-21262 | 1 Google | 1 Android | 2024-02-28 | N/A | 3.1 LOW |
| In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation. | |||||
| CVE-2023-34349 | 1 Intel | 348 Nuc 11 Compute Element Cm11ebc4w, Nuc 11 Compute Element Cm11ebc4w Firmware, Nuc 11 Compute Element Cm11ebi38w and 345 more | 2024-02-28 | N/A | 6.4 MEDIUM |
| Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||