Total
1513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-42864 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-02-28 | N/A | 7.0 HIGH |
| A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-32764 | 1 Intel | 1 Driver \& Support Assistant | 2024-02-28 | N/A | 7.0 HIGH |
| Description: Race condition in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-2742 | 1 Google | 3 Chrome, Chrome Os, Linux And Chrome Os | 2024-02-28 | N/A | 8.8 HIGH |
| Use after free in Exosphere in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. (Chrome security severity: High) | |||||
| CVE-2023-23039 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 5.7 MEDIUM |
| An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if a physically proximate attacker removes a VCC device while calling open(), aka a race condition between vcc_open() and vcc_remove(). | |||||
| CVE-2022-39134 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-28 | N/A | 4.7 MEDIUM |
| In audio driver, there is a use after free due to a race condition. This could lead to local denial of service in kernel. | |||||
| CVE-2022-46689 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-02-28 | N/A | 7.0 HIGH |
| A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-36532 | 1 Portfoliocms Project | 1 Portfoliocms | 2024-02-28 | N/A | 8.1 HIGH |
| Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php. | |||||
| CVE-2022-2583 | 1 Gobase Project | 1 Gobase | 2024-02-28 | N/A | 3.7 LOW |
| A race condition can cause incorrect HTTP request routing. | |||||
| CVE-2022-47331 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-28 | N/A | 4.7 MEDIUM |
| In wlan driver, there is a race condition. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-45869 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 5.5 MEDIUM |
| A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled. | |||||
| CVE-2022-22737 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-02-28 | N/A | 7.5 HIGH |
| Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. | |||||
| CVE-2022-32645 | 2 Google, Mediatek | 19 Android, Mt6789, Mt6833 and 16 more | 2024-02-28 | N/A | 4.1 MEDIUM |
| In vow, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494477; Issue ID: ALPS07494477. | |||||
| CVE-2022-4037 | 1 Gitlab | 1 Gitlab | 2024-02-28 | N/A | 8.5 HIGH |
| An issue has been discovered in GitLab CE/EE affecting all versions before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A race condition can lead to verified email forgery and takeover of third-party accounts when using GitLab as an OAuth provider. | |||||
| CVE-2022-36318 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-02-28 | N/A | 5.3 MEDIUM |
| When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. | |||||
| CVE-2022-22746 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2024-02-28 | N/A | 5.9 MEDIUM |
| A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. | |||||
| CVE-2022-44669 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2019 and 1 more | 2024-02-28 | N/A | 7.0 HIGH |
| Windows Error Reporting Elevation of Privilege Vulnerability | |||||
| CVE-2023-0739 | 1 Answer | 1 Answer | 2024-02-28 | N/A | 6.8 MEDIUM |
| Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHub repository answerdev/answer prior to 1.0.4. | |||||
| CVE-2022-32621 | 2 Google, Mediatek | 3 Android, Mt6895, Mt6983 | 2024-02-28 | N/A | 6.4 MEDIUM |
| In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310829; Issue ID: ALPS07310829. | |||||
| CVE-2022-32844 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2024-02-28 | N/A | 6.3 MEDIUM |
| A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication. | |||||
| CVE-2022-42771 | 2 Google, Unisoc | 14 Android, S8020, Sc7731e and 11 more | 2024-02-28 | N/A | 4.7 MEDIUM |
| In wlan driver, there is a race condition, This could lead to local denial of service in wlan services. | |||||