Total
2251 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-34725 | 1 Google | 1 Android | 2024-12-17 | 7.0 High |
| In DevmemIntUnexportCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-34731 | 1 Google | 1 Android | 2024-12-17 | 7.7 High |
| In multiple functions of TranscodingResourcePolicy.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-47892 | 2024-12-16 | 7.8 High | ||
| Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU. | ||||
| CVE-2024-11144 | 2024-12-16 | 7.5 High | ||
| The server lacks thread safety and can be crashed by anomalous data sent by an anonymous user from a remote network. The crash causes the FTP service to become unavailable, affecting all users and processes that rely on it for file transfers. If the crash occurs during file upload or download, it could lead to incomplete file transfers, potentially corrupting data. The repeated crash might also affect the stability of the underlying system, especially if it leads to resource leaks or affects other services. | ||||
| CVE-2024-46971 | 2024-12-16 | 7.8 High | ||
| Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU. | ||||
| CVE-2024-1949 | 1 Mattermost | 1 Mattermost Server | 2024-12-13 | 2.6 Low |
| A race condition in Mattermost versions 8.1.x before 8.1.9, and 9.4.x before 9.4.2 allows an authenticated attacker to gain unauthorized access to individual posts' contents via carefully timed post creation while another user deletes posts. | ||||
| CVE-2024-53102 | 2024-12-12 | 4.7 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-47974 | 2024-12-11 | 4.4 Medium | ||
| Race condition during resource shutdown in some Solidigm DC Products may allow an attacker to potentially enable denial of service. | ||||
| CVE-2024-47968 | 2024-12-11 | 4.4 Medium | ||
| Improper resource shutdown in middle of certain operations on some Solidigm DC Products may allow an attacker to potentially enable denial of service. | ||||
| CVE-2024-32993 | 1 Huawei | 2 Emui, Harmonyos | 2024-12-11 | 5.6 Medium |
| Out-of-bounds access vulnerability in the memory module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2023-42959 | 1 Apple | 1 Macos | 2024-12-09 | 7.0 High |
| A race condition was addressed with improved state handling. This issue is fixed in macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2024-32997 | 1 Huawei | 2 Emui, Harmonyos | 2024-12-09 | 8.4 High |
| Race condition vulnerability in the binder driver module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2023-52720 | 1 Huawei | 2 Emui, Harmonyos | 2024-12-09 | 4.1 Medium |
| Race condition vulnerability in the soundtrigger module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2023-32413 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-12-05 | 7.0 High |
| A race condition was addressed with improved state handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to gain root privileges. | ||||
| CVE-2023-20771 | 2 Google, Mediatek | 11 Android, Mt6580, Mt6739 and 8 more | 2024-12-04 | 6.4 Medium |
| In display, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07671046; Issue ID: ALPS07671046. | ||||
| CVE-2023-21178 | 1 Google | 1 Android | 2024-12-04 | 4.1 Medium |
| In installKey of KeyUtil.cpp, there is a possible failure of file encryption due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-140762419 | ||||
| CVE-2024-50228 | 1 Redhat | 1 Enterprise Linux | 2024-11-28 | 7.0 High |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-49706 | 1 Linotp | 2 Linotp, Virtual Appliance | 2024-11-26 | 6.8 Medium |
| Defective request context handling in Self Service in LinOTP 3.x before 3.2.5 allows remote unauthenticated attackers to escalate privileges, thereby allowing them to act as and with the permissions of another user. Attackers must generate repeated API requests to trigger a race condition with concurrent user activity in the self-service portal. | ||||
| CVE-2018-0480 | 1 Cisco | 1 Ios Xe | 2024-11-26 | N/A |
| A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause the device to crash, leading to a denial of service (DoS) condition. The vulnerability is due to a race condition that occurs when the VLAN and port enter an errdisabled state, resulting in an incorrect state in the software. An attacker could exploit this vulnerability by sending frames that trigger the errdisable condition. A successful exploit could allow the attacker to cause the affected device to crash, leading to a DoS condition. | ||||
| CVE-2023-2010 | 1 Incsub | 1 Forminator | 2024-11-22 | 3.1 Low |
| The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information. This leads to a Race Condition that may allow a single user to vote multiple times on a poll. | ||||