Total
2375 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-41769 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2026-06-17 | N/A | 8.1 HIGH |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-41768 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2026-06-17 | N/A | 8.1 HIGH |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-41767 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2026-06-17 | N/A | 8.1 HIGH |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-41765 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2026-06-17 | N/A | 8.1 HIGH |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-41306 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-17 | N/A | 3.7 LOW |
| Vulnerability of mutex management in the bone voice ID trusted application (TA) module. Successful exploitation of this vulnerability may cause the bone voice ID feature to be unavailable. | |||||
| CVE-2023-41090 | 1 Intel | 1 Memory And Storage Tool | 2026-06-17 | N/A | 1.8 LOW |
| Race condition in some Intel(R) MAS software before version 2.3 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-40077 | 1 Google | 1 Android | 2026-06-17 | N/A | 8.1 HIGH |
| In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-3758 | 2 Fedoraproject, Redhat | 23 Fedora, Sssd, Codeready Linux Builder and 20 more | 2026-06-17 | N/A | 7.1 HIGH |
| A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately. | |||||
| CVE-2023-3397 | 1 Linux | 1 Linux Kernel | 2026-06-17 | N/A | 7.0 HIGH |
| A race condition occurred between the functions lmLogClose and txEnd in JFS, in the Linux Kernel, executed in different threads. This flaw allows a local attacker with normal user privileges to crash the system or leak internal kernel information. | |||||
| CVE-2023-3301 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2026-06-17 | N/A | 5.6 MEDIUM |
| A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service. | |||||
| CVE-2023-3108 | 1 Linux | 1 Linux Kernel | 2026-06-17 | N/A | 6.2 MEDIUM |
| A flaw was found in the subsequent get_user_pages_fast in the Linux kernel’s interface for symmetric key cipher algorithms in the skcipher_recvmsg of crypto/algif_skcipher.c function. This flaw allows a local user to crash the system. | |||||
| CVE-2023-38616 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 7.0 HIGH |
| A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-38538 | 1 Whatsapp | 1 Whatsapp | 2026-06-17 | N/A | 5.0 MEDIUM |
| A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability. | |||||
| CVE-2023-38537 | 1 Whatsapp | 1 Whatsapp | 2026-06-17 | N/A | 5.6 MEDIUM |
| A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability. | |||||
| CVE-2023-38409 | 1 Linux | 1 Linux Kernel | 2026-06-17 | N/A | 5.5 MEDIUM |
| An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_display arrays can be desynchronized in fbcon_mode_deleted (the con2fb_map points at the old fb_info). | |||||
| CVE-2023-38166 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2026-06-17 | N/A | 8.1 HIGH |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2023-38159 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more | 2026-06-17 | N/A | 7.0 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability | |||||
| CVE-2023-37904 | 1 Discourse | 1 Discourse | 2026-06-17 | N/A | 2.6 LOW |
| Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, more users than permitted could be created from invite links. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. As a workaround, use restrict to email address invites. | |||||
| CVE-2023-37244 | 2 Microsoft, N-able | 2 Windows, Automation Manager | 2026-06-17 | N/A | 5.3 MEDIUM |
| The affected AutomationManager.AgentService.exe application contains a TOCTOU race condition vulnerability that allows standard users to create a pseudo-symlink at C:\ProgramData\N-Able Technologies\AutomationManager\Temp, which could be leveraged by an attacker to manipulate the process into performing arbitrary file deletions. We recommend upgrading to version 2.91.0.0 | |||||
| CVE-2023-36902 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2026-06-17 | N/A | 7.0 HIGH |
| Windows Runtime Remote Code Execution Vulnerability | |||||