High
CVE-2023-40077
In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. Use…
Tag: Race Condition
All CVEs associated with "Race Condition". Page 9/20 • 2345 CVEs.
Subscribe CVEs: RSS for “Race Condition” · RSS (High+Critical only)
About “Race Condition”
A curated feed of “Race Condition”-related CVEs appears below. We currently track 2345 CVEs for this tag (all time). In the last 365 days, 591 were published. Average CVSS is 6.2 (all time; 6.6 over 365d), and 44% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'), CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition, CWE-416 - Use After Free.
In our taxonomy this topic maps to a MODERATE impact class. Common exploitation patterns for this weakness can lead to moderate. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2023-12-04
Critical
CVE-2023-21215
In DevmemIntAcquireRemoteCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additi…
2023-11-30
Low
CVE-2023-37867
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in YetAnotherStarsRating.Com YASR – Yet Another Star Rating Plugin for WordPress.This issue affects YASR – Yet Another Star Rating Plug…
2023-11-28
Medium
CVE-2023-45286
A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same *bytes.Buffer more than once, when requ…
2023-11-27
Medium
CVE-2023-4642
The kk Star Ratings WordPress plugin before 5.4.6 does not implement atomic operations, allowing one user vote multiple times on a poll due to a Race Condition.
2023-11-15
Low
CVE-2023-30954
The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet initialized.
2023-11-14
Medium
CVE-2023-22310
Race condition in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access.
High
CVE-2023-20571
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
Medium
CVE-2023-6109
The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. This is due to improper restrictions on the add() function. This makes it possible fo…
2023-11-09
High
CVE-2023-39198
A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the…
2023-11-08
Medium
CVE-2022-48613
Race condition vulnerability in the kernel module. Successful exploitation of this vulnerability may cause variable values to be read with the condition evaluation bypassed.
2023-11-06
High
CVE-2023-32832
In video, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not neede…
2023-11-03
High
CVE-2023-1476
A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local u…
High
CVE-2023-41914
SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files.
2023-11-01
High
CVE-2023-3397
A race condition occurred between the functions lmLogClose and txEnd in JFS, in the Linux Kernel, executed in different threads. This flaw allows a local attacker with normal user privileges to crash…
2023-10-27
High
CVE-2023-40131
In GpuService of GpuService.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User inte…
High
CVE-2023-46813
An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of…
2023-10-25
High
CVE-2023-38041
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to…
2023-10-23
Medium
CVE-2021-26737
The Zscaler Client Connector for macOS prior to 3.6 did not sufficiently validate RPC clients. A local adversary without sufficient privileges may be able to shutdown the Zscaler tunnel by exploiting…
2023-10-18
Low
CVE-2023-45145
Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2)…
2023-10-14
Medium
CVE-2023-45863
An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.
2023-10-11
Medium
CVE-2023-44188
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in telemetry processing of Juniper Networks Junos OS allows a network-based authenticated attacker to flood the system with multiple…
Medium
CVE-2023-35645
In tbd of tbd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
2023-10-04
Medium
CVE-2023-38538
A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probabi…
Medium
CVE-2023-38537
A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected…
2023-10-03
High
CVE-2023-43976
An issue in CatoNetworks CatoClient before v.5.4.0 allows attackers to escalate privileges and winning the race condition (TOCTOU) via the PrivilegedHelperTool component.
Medium
CVE-2023-34970
A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefull…
Medium
CVE-2023-33200
A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give th…
2023-09-28
Medium
CVE-2023-42756
A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wron…
2023-09-27
Medium
CVE-2023-41979
A race condition was addressed with improved locking. This issue is fixed in macOS Sonoma 14. An app may be able to modify protected parts of the file system.
2023-09-15
High
CVE-2023-3891
Race condition in Lapce v0.2.8 allows an attacker to elevate privileges on the system
2023-09-14
High
CVE-2022-47631
Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%\Razer\Synapse3\Serv…
2023-09-13
Medium
CVE-2023-4155
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability…
Medium
CVE-2023-20135
A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. This vulnerability is…
2023-09-11
High
CVE-2023-27470
BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading…
2023-09-09
High
CVE-2023-41915
OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.
2023-09-06
Low
CVE-2023-41329
WireMock is a tool for mocking HTTP services. The proxy mode of WireMock, can be protected by the network restrictions configuration, as documented in Preventing proxying to and recording from specif…
High
CVE-2023-38616
A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.
High
CVE-2023-4244
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control…
2023-09-04
Medium
CVE-2023-20851
In stc, there is a possible out of bounds read due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploi…
Medium
CVE-2023-20838
In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for expl…
Medium
CVE-2023-20835
In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exp…
Medium
CVE-2023-20834
In pda, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploi…
Medium
CVE-2023-20827
In ims service, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
2023-08-20
High
CVE-2023-37250
Unity Parsec has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. The application intentionally launches DLLs from a u…
2023-08-14
Medium
CVE-2023-21290
In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. This could lead to local denial of service with no additional execution privileges nee…
2023-08-11
High
CVE-2023-34438
Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Medium
CVE-2023-34349
Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Medium
CVE-2023-22276
Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local acc…
2023-08-07
Medium
CVE-2023-20801
In imgsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exp…
Medium
CVE-2023-20788
In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ex…
Medium
CVE-2023-20787
In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ex…
2023-08-03
Medium
CVE-2023-4127
Race Condition within a Thread in GitHub repository answerdev/answer prior to v1.1.1.
2023-08-01
Medium
CVE-2023-4049
Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox…
2023-07-24
Medium
CVE-2023-3750
A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same o…
Medium
CVE-2023-33951
A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operatio…
2023-07-13
Low
CVE-2023-21262
In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations.…
2023-07-12
Medium
CVE-2022-48451
In bluetooth service, there is a possible out of bounds write due to race condition. This could lead to local denial of service with System execution privileges needed.
2023-07-11
Medium
CVE-2023-1672
A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on th…
2023-07-06
Medium
CVE-2022-48509
Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally.
2023-07-04
Low
CVE-2023-2010
The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information. This leads to a Race Condition that may all…
Medium
CVE-2023-20771
In display, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…
2023-06-28
Medium
CVE-2023-21178
In installKey of KeyUtil.cpp, there is a possible failure of file encryption due to a race condition. This could lead to local information disclosure with System execution privileges needed. User int…
2023-06-23
High
CVE-2023-32413
A race condition was addressed with improved state handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6…
2023-06-15
High
CVE-2023-21101
In multiple functions of WVDrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed.…
Medium
CVE-2023-21095
In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additiona…
High
CVE-2022-4149
The Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\SYSTEM which writes log files to a writable directory (C:\Users\Public\netSkope) for a standard user. The files are created…
2023-06-13
Medium
CVE-2023-3218
Race Condition within a Thread in GitHub repository it-novum/openitcockpit prior to 4.6.5.
2023-06-06
Medium
CVE-2023-20750
In swpm, there is a possible out of bounds write due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for e…
Medium
CVE-2023-20736
In vcu, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for e…
2023-06-02
High
CVE-2023-29537
Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android < 112, Firefox < 112,…
2023-05-31
Medium
CVE-2023-2612
Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to c…
2023-05-30
High
CVE-2023-33974
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. In versions 2023.01 and prior, an attacker can send multiple cr…
2023-05-29
Low
CVE-2023-30571
Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask() call inside archive_write_disk_posix.c changes the umask of the whole process for a very short period of…
2023-05-22
Medium
CVE-2023-33288
An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system d…
2023-05-18
Medium
CVE-2023-33203
The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device.
2023-05-17
High
CVE-2023-25394
Videostream macOS app 0.5.0 and 0.4.3 has a Race Condition. The Updater privileged script attempts to update Videostream every 5 hours.
2023-05-15
Medium
CVE-2023-20717
In vcu, there is a possible leak of dma buffer due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exp…
2023-05-10
Medium
CVE-2023-0008
A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall throug…
Medium
CVE-2023-32570
VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit.
2023-05-09
Medium
CVE-2023-28126
An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploiting the SetUser method or can exploit the Race Condition in t…
Medium
CVE-2021-46792
Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon a…
2023-05-08
Medium
CVE-2023-31141
OpenSearch is open-source software suite for search, analytics, and observability applications. Prior to versions 1.3.10 and 2.7.0, there is an issue with the implementation of fine-grained access co…
Medium
CVE-2023-27952
A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks.
2023-04-27
Medium
CVE-2022-38730
Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the windowscontainers/start dockerBackendV2 API by controlling the data-root field inside the DaemonJSON field in…
2023-04-24
High
CVE-2023-2006
A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an ob…
Medium
CVE-2023-31083
An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is s…
2023-04-18
Medium
CVE-2023-28142
A Race Condition exists in the Qualys Cloud Agent for Windows platform in versions from 3.1.3.34 and before 4.5.3.1. This allows attackers to escalate privileges limited on the local machine during u…
2023-04-17
Medium
CVE-2023-28984
A Use After Free vulnerability in the Layer 2 Address Learning Manager (l2alm) of Juniper Networks Junos OS on QFX Series allows an adjacent attacker to cause the Packet Forwarding Engine to crash an…
2023-04-16
Medium
CVE-2023-30772
The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.
2023-04-14
Medium
CVE-2023-29529
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of particip…
High
CVE-2023-26980
PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot…
High
CVE-2023-1285
Signal Handler Race Condition vulnerability in Mitsubishi Electric India GC-ENET-COM whose first 2 digits of 11-digit serial number of unit are "16" allows a remote unauthenticated attacker to cause…
2023-04-13
High
CVE-2022-33270
Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.
2023-04-12
Medium
CVE-2023-0006
A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race cond…
High
CVE-2023-1872
A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed function lacks the presence of ctx->uring_lock which…
2023-04-11
High
CVE-2022-43946
Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE-732] vulnerability and a time-of-check time-of-use (TOCTOU) race condition [CWE-367] vulnerability in…
2023-04-06
Medium
CVE-2023-20687
In display drm, there is a possible double free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for e…
Medium
CVE-2023-20686
In display drm, there is a possible double free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for e…
Medium
CVE-2023-20685
In vdec, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for explo…
Medium
CVE-2023-20684
In vdec, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for explo…
2023-04-04
Medium
CVE-2022-48223
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK repair, certutil.exe is called by the Acuant installer to repair certificates. This call is vulnerable to DLL hijacking du…
High
CVE-2022-48221
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. Multiple MSI's get executed out of a standard-user writable directory. Through a race condition and OpLock manipulation, these files…
2023-03-24
Medium
CVE-2023-21055
In dit_hal_ioctl of dit.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no…
Medium
CVE-2023-21031
In setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User inter…
2023-03-23
Medium
CVE-2023-0590
A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix…
2023-03-16
High
CVE-2023-28466
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
2023-03-14
High
CVE-2023-28144
KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default configuration, allows privilege escalation because of race conditions involving symlinks and elevate_perf_privileges.sh chown calls.
2023-03-10
Critical
CVE-2022-33257
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
2023-03-07
Medium
CVE-2023-20625
In adsp, there is a possible double free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploita…
2023-03-06
Medium
CVE-2021-20251
A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met.
2023-02-27
Medium
CVE-2023-23520
A race condition was addressed with additional validation. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may be able to read arbitrary files as r…
Medium
CVE-2022-46713
A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify protected parts of the fi…
Medium
CVE-2022-32844
A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be abl…
2023-02-22
Medium
CVE-2023-23039
An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if a physically proximate attacker removes a VCC device while callin…
2023-02-16
High
CVE-2022-32764
Description: Race condition in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access.
2023-02-12
Medium
CVE-2022-47331
In wlan driver, there is a race condition. This could lead to local denial of service in wlan services.
2023-02-08
Medium
CVE-2023-0739
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHub repository answerdev/answer prior to 1.0.4.
2023-02-07
High
CVE-2023-0705
Integer overflow in Core in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who had one a race condition to potentially exploit heap corruption via a crafted HTML page. (Chromium secur…
2023-02-06
Medium
CVE-2023-20611
In gpu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploi…