Total
1553 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32895 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 4.7 MEDIUM |
| A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system. | |||||
| CVE-2022-32844 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2024-11-21 | N/A | 6.3 MEDIUM |
| A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication. | |||||
| CVE-2022-32764 | 1 Intel | 1 Driver \& Support Assistant | 2024-11-21 | N/A | 7.5 HIGH |
| Description: Race condition in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-32645 | 2 Google, Mediatek | 19 Android, Mt6789, Mt6833 and 16 more | 2024-11-21 | N/A | 4.1 MEDIUM |
| In vow, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494477; Issue ID: ALPS07494477. | |||||
| CVE-2022-32621 | 2 Google, Mediatek | 3 Android, Mt6895, Mt6983 | 2024-11-21 | N/A | 6.4 MEDIUM |
| In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310829; Issue ID: ALPS07310829. | |||||
| CVE-2022-32613 | 2 Google, Mediatek | 33 Android, Mt6762, Mt6768 and 30 more | 2024-11-21 | N/A | 6.4 MEDIUM |
| In vcu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07206340; Issue ID: ALPS07206340. | |||||
| CVE-2022-32612 | 2 Google, Mediatek | 33 Android, Mt6762, Mt6768 and 30 more | 2024-11-21 | N/A | 6.4 MEDIUM |
| In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203500; Issue ID: ALPS07203500. | |||||
| CVE-2022-31758 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-31015 | 1 Agendaless | 1 Waitress | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select(). This will lead to the main thread raising an exception that is not handled and then causing the entire application to be killed. This issue has been fixed in Waitress 2.1.2 by no longer allowing the WSGI thread to close the socket. Instead, that is always delegated to the main thread. There is no work-around for this issue. However, users using waitress behind a reverse proxy server are less likely to have issues if the reverse proxy always reads the full response. | |||||
| CVE-2022-30214 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2024-11-21 | 6.0 MEDIUM | 6.6 MEDIUM |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2022-30212 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
| Windows Connected Devices Platform Service Information Disclosure Vulnerability | |||||
| CVE-2022-30205 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 6.0 MEDIUM | 6.6 MEDIUM |
| Windows Group Policy Elevation of Privilege Vulnerability | |||||
| CVE-2022-30198 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 8.1 HIGH |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2022-30163 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 6.0 MEDIUM | 8.5 HIGH |
| Windows Hyper-V Remote Code Execution Vulnerability | |||||
| CVE-2022-30128 | 1 Microsoft | 1 Edge Chromium | 2024-11-21 | 5.1 MEDIUM | 8.3 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2022-30127 | 1 Microsoft | 1 Edge Chromium | 2024-11-21 | 5.1 MEDIUM | 8.3 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2022-30028 | 1 Dradisframework | 1 Dradis | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing a password reset token. | |||||
| CVE-2022-2961 | 3 Fedoraproject, Linux, Netapp | 12 Fedora, Linux Kernel, H300s and 9 more | 2024-11-21 | N/A | 7.0 HIGH |
| A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. This flaw allows a local user to crash or potentially escalate their privileges on the system. | |||||
| CVE-2022-2959 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 7.0 HIGH |
| A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system. | |||||
| CVE-2022-2857 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 8.8 HIGH |
| Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||