ReportizFlow
Filtered by vendor
Subscriptions
Total
2034 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21376 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-12 | 8.1 High |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | ||||
| CVE-2022-32844 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2025-03-11 | 6.3 Medium |
| A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication. | ||||
| CVE-2022-34725 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-03-11 | 7 High |
| Windows ALPC Elevation of Privilege Vulnerability | ||||
| CVE-2022-26928 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-03-11 | 7 High |
| Windows Photo Import API Elevation of Privilege Vulnerability | ||||
| CVE-2022-46713 | 1 Apple | 1 Macos | 2025-03-11 | 4.7 Medium |
| A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify protected parts of the file system. | ||||
| CVE-2023-22499 | 1 Deno | 1 Deno | 2025-03-11 | 7.5 High |
| Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the terminal screen after permission prompt was shown and write a generic message. This situation impacts users who use Web Worker API and relied on interactive permission prompt. The reproduction is very timing sensitive and can’t be reliably reproduced on every try. This problem can not be exploited on systems that do not attach an interactive prompt (for example headless servers). The problem has been fixed in Deno v1.29.3; it is recommended all users update to this version. Users are advised to upgrade. Users unable to upgrade may run with --no-prompt flag to disable interactive permission prompts. | ||||
| CVE-2021-20251 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2025-03-06 | 5.9 Medium |
| A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met. | ||||
| CVE-2023-32258 | 3 Linux, Netapp, Redhat | 6 Linux Kernel, H300s, H410s and 3 more | 2025-03-05 | 8.1 High |
| A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_LOGOFF and SMB2_CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. | ||||
| CVE-2022-48366 | 1 Ibexa | 7 Commerce, Digital Experience Platform, Ez Platform and 4 more | 2025-03-04 | 3.7 Low |
| An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account existence via a timing attack. | ||||
| CVE-2024-58048 | 2025-03-04 | 6.7 Medium | ||
| Multi-thread problem vulnerability in the package management module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2023-28142 | 1 Qualys | 1 Cloud Agent | 2025-03-03 | 6.7 Medium |
| A Race Condition exists in the Qualys Cloud Agent for Windows platform in versions from 3.1.3.34 and before 4.5.3.1. This allows attackers to escalate privileges limited on the local machine during uninstallation of the Qualys Cloud Agent for Windows. Attackers may gain SYSTEM level privileges on that asset to run arbitrary commands. At the time of this disclosure, versions before 4.0 are classified as End of Life. | ||||
| CVE-2023-35309 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-03-01 | 7.5 High |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | ||||
| CVE-2023-28144 | 1 Kdab | 1 Hotspot | 2025-02-27 | 7 High |
| KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default configuration, allows privilege escalation because of race conditions involving symlinks and elevate_perf_privileges.sh chown calls. | ||||
| CVE-2023-21031 | 1 Google | 1 Android | 2025-02-25 | 4.7 Medium |
| In setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242688355 | ||||
| CVE-2022-40310 | 1 Blazzdev | 1 Rate My Post - Wp Rating System | 2025-02-20 | 4.3 Medium |
| Authenticated (subscriber+) Race Condition vulnerability in Rate my Post – WP Rating System plugin <= 3.3.4 at WordPress allows attackers to increase/decrease votes. | ||||
| CVE-2022-40130 | 1 Wp-polls Project | 1 Wp-polls | 2025-02-20 | 4.3 Medium |
| Auth. (subscriber+) Race Condition vulnerability in WP-Polls plugin <= 2.76.0 on WordPress. | ||||
| CVE-2022-36422 | 1 Wp-postratings Project | 1 Wp-postratings | 2025-02-20 | 4.3 Medium |
| Rating increase/decrease via race condition in Lester 'GaMerZ' Chan WP-PostRatings plugin <= 1.89 at WordPress. | ||||
| CVE-2023-48366 | 2025-02-18 | 5.3 Medium | ||
| Race condition in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2023-49603 | 2025-02-18 | 7.5 High | ||
| Race condition in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-36262 | 2025-02-18 | 7.2 High | ||
| Race condition in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable escalation of privilege via local access. | ||||