CWE-362

Medium likelihood

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Parent: CWE-662 - Improper Synchronization

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

2,390 vulnerabilities with CWE-362
CVE-2024-49095 HIGH
Windows PrintWorkflowUserSvc - Elevation of Privilege via Race Condition
CVSS 7.0
CVE-2024-49084 HIGH
Windows Kernel - Elevation of Privilege via Race Condition
CVSS 7.0
CVE-2024-49059 HIGH
Microsoft 365 Apps and Office - Elevation of Privilege via Race Condition
CVSS 7.0
CVE-2024-53136 MEDIUM
Linux Kernel 4.19.323-4.19.324 - Deadlock via tmpfs over NFS
CVSS 4.7
CVE-2024-53124 MEDIUM
Linux Kernel 4.4-6.11.10 - Data Race in sk_forward_alloc
CVSS 4.7
CVE-2024-53123 MEDIUM
Linux Kernel 6.1.60-6.1.118 - Denial of Service via MPTCP Disconnect Race Condition
CVSS 5.5
CVE-2024-53122 MEDIUM
Linux Kernel 5.10-6.11.10 - DoS via Race Condition in MPTCP Subflow Creation
CVSS 5.5
CVE-2024-53121 MEDIUM
Linux Kernel 5.1-6.1.118 - Use-After-Free in mlx5_del_flow_rules
CVSS 5.5
CVE-2024-36615 MEDIUM
FFmpeg n7.0 - Race Condition in VP9 Decoder
CVSS 5.9
CVE-2024-36623 HIGH
moby < 25.0.3 - Race Condition in streamformatter Package
CVSS 8.1
CVE-2024-36621 MEDIUM
Moby < 26.0.0 - Race Condition in Layer Snapshot Adapter
CVSS 6.5
CVE-2024-11708 MEDIUM
Firefox < 133 and Thunderbird < 133 - Data Race via PlaybackParams Structure
CVSS 6.5
CVE-2024-49353 HIGH
IBM Watson Speech Services Cartridge 4.0.0-5.0.2 Race Condition via Concurrent Access
CVSS 7.5
CVE-2024-53100 MEDIUM
Linux Kernel - Race Condition in NVMe TCP Queue Lock Handling
CVSS 4.7
CVE-2024-53088 MEDIUM
Linux Kernel 4.10-5.15.171, 5.16-6.1.116, 6.2-6.6.60, 6.7-6.11.7 - Race Condition in i40e MAC/VLAN Filter Handling
CVSS 4.7
CVE-2024-48991 HIGH
needrestart < 3.8 - Local Privilege Escalation via Python Interpreter Race Condition
CVSS 7.8
CVE-2024-48069 CRITICAL
Weaver E-cology - Race Condition leading to Arbitrary File Upload and Privilege Escalation
CVSS 9.8
CVE-2024-50297 MEDIUM
Linux Kernel 6.8-6.11.8 - Race Condition in AXI Ethernet DMA Packet Enqueue
CVSS 4.7
CVE-2024-29211 MEDIUM
Ivanti Secure Access Client <22.7R4 - Privilege Escalation
CVSS 4.7
CVE-2024-50313 MEDIUM
Mendix 8.0.0-9.24.29 - Unauthenticated Account Lockout Bypass via Race Condition in Basic Authentication
CVSS 5.3
CVE-2024-50183 MEDIUM
Linux Kernel - Race Condition in NPIV Instance Deletion via DA_ID Handling
CVSS 4.7
CVE-2024-50174 MEDIUM
Linux Kernel 6.10-6.10.13, 6.11-6.11.2 - Race Condition in drm/panthor Group Handle Conversion
CVSS 4.7
CVE-2024-50135 MEDIUM
Linux Kernel 4.6-6.6.58, 6.7.0-6.11.5 - Race Condition in NVMe PCI Queue Management
CVSS 4.7
CVE-2024-51515 MEDIUM
HarmonyOS - Denial of Service via Kernel Network Module Race Condition
CVSS 6.2
CVE-2024-10468 MEDIUM
Firefox < 132.0 - Memory Corruption via IndexedDB Race Condition
CVSS 5.3
Details
Vulnerabilities 2,390
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits