CWE-362

Medium likelihood

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Parent: CWE-662 - Improper Synchronization

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

2,393 vulnerabilities with CWE-362
CVE-2021-0652 HIGH
Android 8.1-11 - Memory Corruption via Thread-Unsafe Object Sharing in VectorDrawable
CVSS 7.8
CVE-2021-0483 HIGH
Android 10-11 - Use-After-Free via Race Condition in AAudioService
CVSS 7.8
CVE-2021-31382 MEDIUM
Juniper Junos OS on PTX1000 and PTX10002-60C - Firewall Filter Misassignment via Race Condition
CVSS 6.5
CVE-2021-31364 MEDIUM
Juniper Junos OS SRX300/SRX500/SRX1500/SRX5000 with SPC2 < 20.4R2 - Unauthenticated DoS via Flow Daemon Race Condition
CVSS 5.9
CVE-2021-0298 MEDIUM
Juniper Junos OS Evolved < 20.1R2-EVO - Denial of Service via 'show chassis pic' Command Race Condition
CVSS 4.7
CVE-2021-35494 MEDIUM
TIBCO JasperReports Server - Race Condition
CVSS 5.7
CVE-2021-0688 HIGH
Android - Local Privilege Escalation via Lock Screen Race Condition
CVSS 7.0
CVE-2021-39212 MEDIUM
ImageMagick 6.9.12-0-6.9.12-22 - Race Condition in Policy Enforcement
CVSS 4.4
CVE-2021-1958 MEDIUM
Qualcomm QCA6574A and related firmware - Use-After-Free via Race Condition in FastRPC Kernel Driver
CVSS 6.7
CVE-2021-30714 MEDIUM
iPadOS < 14.6 - Race Condition Leading to Kernel Memory Corruption
CVSS 6.3
CVE-2021-30652 HIGH
iPadOS < 14.5 - Race Condition Leading to Privilege Escalation
CVSS 7.0
CVE-2021-22004 MEDIUM
SaltStack Salt < 3003.3 - Race Condition via Minion Config File
CVSS 6.4
CVE-2021-1884 MEDIUM
iPadOS < 14.5 - Denial of Service via Race Condition
CVSS 5.9
CVE-2021-30786 HIGH
iOS and macOS - Code Execution or Application Termination via Malicious PDF
CVSS 7.0
CVE-2021-28701 HIGH
Xen >=4.0.0 - Race Condition in XENMAPSPACE_grant_table Handling
CVSS 7.8
CVE-2021-40490 HIGH
Linux kernel <5.13.13 - Info Disclosure
CVSS 7.0
CVE-2021-31797 MEDIUM
CyberArk Credential Provider < 12.1 - Password Disclosure via Local Host Race Condition
CVSS 5.1
CVE-2021-28697 HIGH
Xen 4.0.0-4.14.x - Race Condition in Grant Table v2 Status Page De-allocation
CVSS 7.8
CVE-2021-30603 HIGH
Google Chrome <92.0.4515.159 - Heap Corruption
CVSS 7.5
CVE-2021-31004 HIGH
macOS <12.0.1 & <11.5 - Privilege Escalation
CVSS 7.0
CVE-2021-30996 HIGH
macOS Monterey <12.1-iOS <15.2-iPadOS <15.2 - RCE
CVSS 7.0
CVE-2021-30995 HIGH
macOS Big Sur <11.6.2 - Privilege Escalation
CVSS 7.0
CVE-2021-30984 HIGH
Apple OSes and Safari - Code Execution via Malicious Web Content
CVSS 7.5
CVE-2021-30982 MEDIUM
macOS 10.15-10.15.6 and 11.0-11.6.1 - Remote Denial of Service via Race Condition
CVSS 5.9
CVE-2021-30955 HIGH
macOS Monterey <12.1 - Privilege Escalation
CVSS 7.0
Details
Vulnerabilities 2,393
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits