CVE & Exploit Intelligence Database

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,123 CVEs tracked | 53,219 with exploits | 4,686 exploited in wild | 1,539 CISA KEV | 3,912 Nuclei templates | 37,757 vendors | 42,422 researchers

154 results
CVE-2025-62215 7.0 HIGH KEV 7 PoCs Analysis EPSS 0.01
Microsoft Windows 10 1809 < 10.0.17763.8027 - Race Condition
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.
CWE-415 Nov 11, 2025
CVE-2025-55226 6.7 MEDIUM 1 PoC Analysis EPSS 0.00
Graphics Kernel - Local Code Execution
Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to execute code locally.
CWE-362 Sep 09, 2025
CVE-2025-38561 4.7 MEDIUM 1 PoC Analysis EPSS 0.00
Linux Kernel < 6.1.148 - Race Condition
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase.
CWE-362 Aug 19, 2025
CVE-2025-49744 7.0 HIGH 1 PoC Analysis EPSS 0.01
Microsoft Windows 10 1507 < 10.0.10240.21073 - Race Condition
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CWE-362 Jul 08, 2025
CVE-2025-32710 8.1 HIGH 1 PoC Analysis EPSS 0.00
Microsoft Windows Server 2008 < 10.0.14393.8066 - Race Condition
Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
CWE-362 Jun 10, 2025
CVE-2025-5054 4.7 MEDIUM 1 PoC Analysis EPSS 0.00
Canonical apport <2.32.0 - Info Disclosure
Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced. Because of this, if a process crashed and was quickly replaced with a containerized one, apport could be made to forward the core dump to the container, potentially leaking sensitive information. `consistency_checks` is now being called before `_check_global_pid_and_forward`. Additionally, given that the PID-reuse race condition cannot be reliably detected from userspace alone, crashes are only forwarded to containers if the kernel provided a pidfd, or if the crashing process was unprivileged (i.e., if dump mode == 1).
CWE-362 May 30, 2025
CVE-2025-32421 3.7 LOW 3 PoCs Analysis EPSS 0.00
Vercel Next.js < 14.2.24 - Race Condition
Next.js is a React framework for building full-stack web applications. Versions prior to 14.2.24 and 15.1.6 have a race-condition vulnerability. This issue only affects the Pages Router under certain misconfigurations, causing normal endpoints to serve `pageProps` data instead of standard HTML. This issue was patched in versions 15.1.6 and 14.2.24 by stripping the `x-now-route-matches` header from incoming requests. Applications hosted on Vercel's platform are not affected by this issue, as the platform does not cache responses based solely on `200 OK` status without explicit `cache-control` headers. Those who self-host Next.js deployments and are unable to upgrade immediately can mitigate this vulnerability by stripping the `x-now-route-matches` header from all incoming requests at the content delivery network and setting `cache-control: no-store` for all responses under risk. The maintainers of Next.js strongly recommend only caching responses with explicit cache-control headers.
CWE-362 May 14, 2025
CVE-2024-53476 5.9 MEDIUM 1 PoC Analysis EPSS 0.01
SimplCommerce - Info Disclosure
A race condition vulnerability in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f allows attackers to bypass inventory restrictions by simultaneously submitting purchase requests from multiple accounts for the same product. This can lead to overselling when stock is limited, as the system fails to accurately track inventory under high concurrency, resulting in potential loss and unfulfilled orders.
CWE-362 Dec 27, 2024
CVE-2024-27876 5.5 MEDIUM 1 PoC Analysis EPSS 0.00
macOS Ventura <13.7 - Code Injection
A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files.
CWE-362 Sep 17, 2024
CVE-2024-7627 8.1 HIGH 2 PoCs Analysis EPSS 0.29
Bitapps File Manager < 6.5.6 - Race Condition
The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0 to 6.5.5 via the 'checkSyntax' function. This is due to writing a temporary file to a publicly accessible directory before performing file validation. This makes it possible for unauthenticated attackers to execute code on the server if an administrator has allowed Guest User read permissions.
CWE-362 Sep 05, 2024
CVE-2024-40815 7.5 HIGH 1 PoC Analysis EPSS 0.06
macOS Ventura <13.6.8 - Info Disclosure
A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
CWE-362 Jul 29, 2024
CVE-2024-6778 7.5 HIGH 2 PoCs Analysis EPSS 0.13
Google Chrome <126.0.6478.182 - RCE
Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)
CWE-362 Jul 16, 2024
CVE-2024-6387 8.1 HIGH EXPLOITED 97 PoCs Analysis EPSS 0.32
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
CWE-364 Jul 01, 2024
CVE-2024-28999 6.4 MEDIUM 2 PoCs Analysis EPSS 0.06
Solarwinds Platform < 2024.2 - Race Condition
The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console.
CWE-362 Jun 04, 2024
CVE-2024-27983 8.2 HIGH 1 PoC Analysis EPSS 0.76
Node.js HTTP/2 - DoS
An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition.
CWE-362 Apr 09, 2024
CVE-2024-29863 7.8 HIGH 1 PoC Analysis EPSS 0.03
Qlik Qlikview <May 2022 SR3 - Privilege Escalation
A race condition in the installer executable in Qlik Qlikview before versions May 2022 SR3 (12.70.20300) and May 2023 SR2 (12,80.20200) may allow an existing lower privileged user to cause code to be executed in the context of a Windows Administrator.
CWE-362 Apr 05, 2024
CVE-2024-2193 5.7 MEDIUM 1 PoC Analysis EPSS 0.01
CPU <Speculative Execution - Info Disclosure
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.
CWE-362 Mar 15, 2024
CVE-2022-3328 7.8 HIGH 1 PoC Analysis EPSS 0.00
snap-confine - Buffer Overflow
Race condition in snap-confine's must_mkdir_and_open_with_perms()
CWE-362 Jan 08, 2024
CVE-2023-6546 7.0 HIGH 1 PoC Analysis EPSS 0.00
Linux kernel - Privilege Escalation
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.
CWE-362 Dec 21, 2023
CVE-2023-36884 7.5 HIGH KEV RANSOMWARE 9 PoCs Analysis EPSS 0.93
Windows Search - RCE
Windows Search Remote Code Execution Vulnerability
CWE-362 Jul 11, 2023