CWE-362

Medium likelihood

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Parent: CWE-662 - Improper Synchronization

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

2,398 vulnerabilities with CWE-362
CVE-2018-11324 MEDIUM
Joomla! < 3.8.8 - Session Deletion Race Condition
CVSS 5.9
CVE-2018-8897 HIGH
Intel 64 and IA-32 Architectures - Privilege Escalation
CVSS 7.8
CVE-2018-5826 MEDIUM
Qualcomm Android <2018-04-05 - Use After Free
CVSS 5.9
CVE-2018-0492 HIGH
beep < 1.3.4 - Local Privilege Escalation via Race Condition
CVSS 7.0
CVE-2018-4167 HIGH
iPhone OS < 11.3, macOS < 10.13.4, tvOS < 11.3, watchOS < 4.3 - Race Condition in File System Events
CVSS 7.0
CVE-2018-4166 HIGH
iPhone OS < 11.3 - Remote Code Execution via NSURLSession Race Condition
CVSS 7.0
CVE-2018-4158 HIGH
iPhone OS < 11.3, macOS < 10.13.4, watchOS < 4.3 - Remote Code Execution via CoreFoundation Race Condition
CVSS 7.0
CVE-2018-4157 HIGH
iPhone OS < 11.3, macOS < 10.13.4, tvOS < 11.3, watchOS < 4.3 - Race Condition in Quick Look
CVSS 7.0
CVE-2018-4156 HIGH
iPhone OS < 11.3 and macOS < 10.13.4 - Race Condition in PluginKit
CVSS 7.0
CVE-2018-4155 HIGH
iPhone OS < 11.3, macOS < 10.13.4, tvOS < 11.3, watchOS < 4.3 - Race Condition in CoreFoundation
CVSS 7.0
CVE-2018-4154 HIGH
iPhone OS < 11.3 and macOS < 10.13.4 - Race Condition in Storage Component
CVSS 7.0
CVE-2018-4152 HIGH
macOS < 10.13.4 - Race Condition in Notes Component
CVSS 7.0
CVE-2018-4151 HIGH
iPhone OS < 11.3 and macOS < 10.13.4 - Race Condition in iCloud Drive
CVSS 7.0
CVE-2018-4092 MEDIUM
macOS < 10.13.3 - Kernel Race Condition via Crafted App
CVSS 4.7
CVE-2018-7566 HIGH
Linux kernel 4.15 - Buffer Overflow via SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl
CVSS 7.8
CVE-2018-8885 HIGH
screen-resolution-extra 0.17.2 - Privilege Escalation
CVSS 7.0
CVE-2018-3561 HIGH
Android - Use-After-Free via Race Condition in diag_ioctl_lsm_deinit()
CVSS 7.0
CVE-2018-7562 HIGH
GLPI < 9.2.1 - Authenticated Remote Code Execution via Race Condition in File Upload
CVSS 7.5
CVE-2018-7998 HIGH
libvips < 8.6.3 - Denial of Service via Race Condition in vips_region_generate
CVSS 7.5
CVE-2018-7995 MEDIUM
Linux Kernel < 4.15.7 - Denial of Service via Race Condition in store_int_with_restart
CVSS 4.7
CVE-2018-7249 HIGH
Microsoft Windows Vista, 7, 8, 8.1 - Use-After-Free via secdrv.sys IOCTL Race Condition
CVSS 7.0
CVE-2018-7441 HIGH
leptonica < 1.75.3 - Arbitrary File Write via Hardcoded /tmp Pathnames
CVSS 7.0
CVE-2018-1049 MEDIUM
systemd < 234 - Denial of Service via Mount and Automount Unit Race Condition
CVSS 5.9
CVE-2018-1000004 MEDIUM
Linux Kernel - Denial of Service via Sound System Race Condition
CVSS 5.9
CVE-2018-5344 HIGH
Linux Kernel < 4.14.13 - Use-After-Free in Loop Device Release
CVSS 7.8
Details
Vulnerabilities 2,398
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits