Total
1553 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-48420 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.4 MEDIUM |
| there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-47634 | 2024-11-21 | N/A | 3.1 LOW | ||
| Decidim is a participatory democracy framework. Starting in version 0.10.0 and prior to versions 0.26.9, 0.27.5, and 0.28.0, a race condition in the endorsement of resources (for instance, a proposal) allows a user to make more than once endorsement. To exploit this vulnerability, the request to set an endorsement must be sent several times in parallel. Versions 0.26.9, 0.27.5, and 0.28.0 contain a patch for this issue. As a workaround, disable the Endorsement feature in the components. | |||||
| CVE-2023-45864 | 1 Samsung | 14 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 11 more | 2024-11-21 | N/A | 4.0 MEDIUM |
| A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain areas. | |||||
| CVE-2023-45286 | 1 Resty Project | 1 Resty | 2024-11-21 | N/A | 5.9 MEDIUM |
| A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same *bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buffer that hasn't had bytes.Buffer.Reset called on it. This dirty buffer will contain the HTTP request body from an unrelated request, and go-resty will append the current HTTP request body to it, sending two bodies in one request. The sync.Pool in question is defined at package level scope, so a completely unrelated server could receive the request body. | |||||
| CVE-2023-42974 | 2024-11-21 | N/A | 7.0 HIGH | ||
| A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Sonoma 14.2. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-42959 | 2024-11-21 | N/A | 7.0 HIGH | ||
| A race condition was addressed with improved state handling. This issue is fixed in macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-42832 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 7.0 HIGH |
| A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to gain root privileges. | |||||
| CVE-2023-42756 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system. | |||||
| CVE-2023-41979 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 4.7 MEDIUM |
| A race condition was addressed with improved locking. This issue is fixed in macOS Sonoma 14. An app may be able to modify protected parts of the file system. | |||||
| CVE-2023-41915 | 3 Debian, Fedoraproject, Openpmix | 3 Debian Linux, Fedora, Openpmix | 2024-11-21 | N/A | 8.1 HIGH |
| OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0. | |||||
| CVE-2023-41914 | 2 Fedoraproject, Schedmd | 2 Fedora, Slurm | 2024-11-21 | N/A | 7.0 HIGH |
| SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files. | |||||
| CVE-2023-41774 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 8.1 HIGH |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-41773 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 8.1 HIGH |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-41771 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 8.1 HIGH |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-41770 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 8.1 HIGH |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-41769 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 8.1 HIGH |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-41768 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 8.1 HIGH |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-41767 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 8.1 HIGH |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-41765 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 8.1 HIGH |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-41306 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 3.7 LOW |
| Vulnerability of mutex management in the bone voice ID trusted application (TA) module. Successful exploitation of this vulnerability may cause the bone voice ID feature to be unavailable. | |||||