It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an attacker to merge any code into unsusp...

runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount...

An issue has been discovered in GitLab CE/EE affecting all versions before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A race condition can le...

Race condition in Download Manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to bypass private-storage file-access restrictions vi...

In removePersistentDot of SystemStatusAnimationSchedulerImpl.kt, there is a possible race condition due to a logic error in the code. This could lead to local escalation of privilege that fails to rem...

In sec_media_protect of media.c, there is a possible permission bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User in...