Total
1513 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-3567 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 6.4 MEDIUM |
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211090 is the identifier assigned to this vulnerability. | |||||
CVE-2022-3307 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2022-1729 | 2 Linux, Netapp | 2 Linux Kernel, Hci Baseboard Management Controller | 2024-02-28 | N/A | 7.0 HIGH |
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc. | |||||
CVE-2022-2160 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2024-02-28 | N/A | 6.5 MEDIUM |
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page. | |||||
CVE-2022-21772 | 2 Google, Mediatek | 21 Android, Mt6761, Mt6765 and 18 more | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
In TEEI driver, there is a possible type confusion due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493842; Issue ID: ALPS06493842. | |||||
CVE-2022-39328 | 1 Grafana | 1 Grafana | 2024-02-28 | N/A | 8.1 HIGH |
Grafana is an open-source platform for monitoring and observability. Versions starting with 9.2.0 and less than 9.2.4 contain a race condition in the authentication middlewares logic which may allow an unauthenticated user to query an administration endpoint under heavy load. This issue is patched in 9.2.4. There are no known workarounds. | |||||
CVE-2022-42831 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-02-28 | N/A | 6.4 MEDIUM |
A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-33636 | 1 Microsoft | 1 Edge Chromium | 2024-02-28 | N/A | 8.3 HIGH |
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
CVE-2022-42791 | 1 Apple | 2 Iphone Os, Macos | 2024-02-28 | N/A | 7.0 HIGH |
A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-36422 | 1 Wp-postratings Project | 1 Wp-postratings | 2024-02-28 | N/A | 3.1 LOW |
Rating increase/decrease via race condition in Lester 'GaMerZ' Chan WP-PostRatings plugin <= 1.89 at WordPress. | |||||
CVE-2022-35796 | 1 Microsoft | 1 Edge Chromium | 2024-02-28 | N/A | 7.5 HIGH |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
CVE-2022-26928 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-02-28 | N/A | 7.0 HIGH |
Windows Photo Import API Elevation of Privilege Vulnerability | |||||
CVE-2022-2961 | 3 Fedoraproject, Linux, Netapp | 12 Fedora, Linux Kernel, H300s and 9 more | 2024-02-28 | N/A | 7.0 HIGH |
A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. This flaw allows a local user to crash or potentially escalate their privileges on the system. | |||||
CVE-2022-20344 | 1 Google | 1 Android | 2024-02-28 | N/A | 7.0 HIGH |
In stealReceiveChannel of EventThread.cpp, there is a possible way to interfere with process communication due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-232541124 | |||||
CVE-2022-20256 | 1 Google | 1 Android | 2024-02-28 | N/A | 6.4 MEDIUM |
In the Audio HAL, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222572821 | |||||
CVE-2022-38014 | 1 Microsoft | 2 Azure Iot Edge For Linux, Windows Subsystem For Linux | 2024-02-28 | N/A | 7.0 HIGH |
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability | |||||
CVE-2022-3623 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-28 | N/A | 7.5 HIGH |
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability. | |||||
CVE-2022-2617 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions. | |||||
CVE-2022-42806 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-02-28 | N/A | 7.0 HIGH |
A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2020-36558 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 5.1 MEDIUM |
A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. |