Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
race condition vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2414
Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote malicious users to cause a denial of service (application crash) via a large HTML file that loads a DOM call from within nested DIV tags, which causes part o...
Xpcom Xpcom
1 EDB exploit
NA
CVE-2000-0890
periodic in FreeBSD 4.1.1 and previous versions, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack.
Freebsd Freebsd 6.2
NA
CVE-2011-1485
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.
Redhat Policykit 0.96
3 EDB exploits
1 Github repository
NA
CVE-2012-1201
Testtrack For Linux Race Condition
NA
CVE-2017-149552017
Check_mk versions 1.2.8p25 and below suffer from a save_users() race condition that leads to sensitive information disclosure.
5.9
CVSSv3
CVE-2023-4642
The kk Star Ratings WordPress plugin prior to 5.4.6 does not implement atomic operations, allowing one user vote multiple times on a poll due to a Race Condition.
Kamalkhan Kk Star Ratings
NA
CVE-2017-149552
Check_mk versions 1.2.8p25 and below suffer from a save_users() race condition that leads to sensitive information disclosure.
7
CVSSv3
CVE-2013-3685
A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges.
Spritesoftware Spritebackup 2.5.4105
Spritesoftware Spritebackup 2.5.4108
Spritesoftware Spritebud 1.3.24
Spritesoftware Spritebud 1.3.28
1 Github repository
NA
CVE-2007-3103
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
Fedoraproject Fedora Core 6.0
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 4.0
Redhat Linux
1 EDB exploit
NA
CVE-2001-1085
Lmail 2.7 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Jon Zeeff Lmail 2.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »