Total
2342 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-2544 | 1 Linux | 1 Linux Kernel | 2025-04-12 | N/A |
| Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time. | ||||
| CVE-2014-2243 | 1 Mediawiki | 1 Mediawiki | 2025-04-12 | N/A |
| includes/User.php in MediaWiki before 1.19.12, 1.20.x and 1.21.x before 1.21.6, and 1.22.x before 1.22.3 terminates validation of a user token upon encountering the first incorrect character, which makes it easier for remote attackers to obtain access via a brute-force attack that relies on timing differences in responses to incorrect token guesses. | ||||
| CVE-2023-21771 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server 2022 | 2025-04-12 | 7 High |
| Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability | ||||
| CVE-2022-2583 | 1 Gobase Project | 1 Gobase | 2025-04-11 | 3.7 Low |
| A race condition can cause incorrect HTTP request routing. | ||||
| CVE-2022-46174 | 2 Amazon, Redhat | 3 Efs-utils, Elastic File System Container Storage Interface Driver, Openshift | 2025-04-11 | 4.2 Medium |
| efs-utils is a set of Utilities for Amazon Elastic File System (EFS). A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS connections prior to applying the TLS tunnel. In affected versions, concurrent mount operations can allocate the same local port, leading to either failed mount operations or an inappropriate mapping from an EFS customer’s local mount points to that customer’s EFS file systems. This issue is patched in version v1.34.4. There is no recommended work around. We recommend affected users update the installed version of efs-utils to v1.34.4 or later. | ||||
| CVE-2010-0923 | 1 Kde | 1 Kde Sc | 2025-04-11 | N/A |
| Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC 4.4.0 allows physically proximate attackers to bypass KScreenSaver screen locking and access an unattended workstation by pressing the Enter key at a certain time, related to multiple forked processes. | ||||
| CVE-2012-0656 | 1 Apple | 1 Mac Os X | 2025-04-11 | N/A |
| Race condition in LoginUIFramework in Apple Mac OS X 10.7.x before 10.7.4, when the Guest account is enabled, allows physically proximate attackers to login to arbitrary accounts by entering the account name and no password. | ||||
| CVE-2012-0644 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture. | ||||
| CVE-2011-5119 | 1 Comodo | 1 Comodo Internet Security | 2025-04-11 | N/A |
| Multiple race conditions in Comodo Internet Security before 5.8.211697.2124 allow local users to bypass the Defense+ feature via unspecified vectors. | ||||
| CVE-2011-0753 | 1 Php | 1 Php | 2025-04-11 | N/A |
| Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals. | ||||
| CVE-2011-5118 | 1 Comodo | 1 Comodo Internet Security | 2025-04-11 | N/A |
| Multiple race conditions in Comodo Internet Security before 5.8.213334.2131 allow local users to bypass the Defense+ feature via unspecified vectors. | ||||
| CVE-2010-0732 | 1 Gnome | 2 Gtk, Screensaver | 2025-04-11 | N/A |
| gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times. | ||||
| CVE-2012-1174 | 1 Linux | 1 Systemd | 2025-04-11 | N/A |
| The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified files, related to "particular records related with user session." | ||||
| CVE-2011-4348 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-11 | N/A |
| Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some environments, this issue exists because of an incomplete fix for CVE-2011-2482. | ||||
| CVE-2013-1292 | 1 Microsoft | 6 Windows 7, Windows 8, Windows Rt and 3 more | 2025-04-11 | 7.4 High |
| Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Race Condition Vulnerability." | ||||
| CVE-2010-5171 | 2 Agnitum, Microsoft | 2 Outpost Security Suite, Windows Xp | 2025-04-11 | N/A |
| Race condition in Outpost Security Suite Pro 6.7.3.3063.452.0726 and 7.0.3330.505.1221 BETA on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute | ||||
| CVE-2010-5169 | 2 Emisoft, Microsoft | 2 Online Armor, Windows Xp | 2025-04-11 | 7 High |
| Race condition in Online Armor Premium 4.0.0.35 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute | ||||
| CVE-2011-1485 | 1 Redhat | 2 Enterprise Linux, Policykit | 2025-04-11 | N/A |
| Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID. | ||||
| CVE-2011-3090 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Race condition in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker processes. | ||||
| CVE-2012-1338 | 1 Cisco | 9 Catalyst 3560, Catalyst 3560-e, Catalyst 3560-x and 6 more | 2025-04-11 | N/A |
| Cisco IOS 15.0 and 15.1 on Catalyst 3560 and 3750 series switches allows remote authenticated users to cause a denial of service (device reload) by completing local web authentication quickly, aka Bug ID CSCts88664. | ||||