CWE-362

Medium likelihood

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Parent: CWE-662 - Improper Synchronization

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

2,398 vulnerabilities with CWE-362
CVE-2017-13905 HIGH
iPhone OS < 11.2, macOS < 10.13.2, tvOS < 11.2, watchOS < 4.2 - Privilege Escalation via Race Condition
CVSS 8.1
CVE-2017-20004 MEDIUM
Rust < 1.19.0 - Race Condition in MutexGuard
CVSS 5.9
CVE-2017-18647 HIGH
Samsung M(6,x) & N(7.0) - Buffer Overflow
CVSS 8.1
CVE-2017-18692 HIGH
Samsung M(6.0)-N(7.0) - Buffer Overflow
CVSS 8.1
CVE-2017-7151 HIGH
iPhone OS < 11.2, macOS < 10.13.2, tvOS < 11.2, watchOS < 4.2, iTunes < 12.7.2 - Race Condition
CVSS 7.0
CVE-2017-15405 HIGH
Google Chrome < 61.0.3163.113 - Arbitrary Code Execution via Symlink Race Condition in Stateful Recovery
CVSS 7.0
CVE-2017-18302 MEDIUM
Qualcomm Snapdragon Firmware - Arbitrary Memory Write via Time-of-Check Time-of-Use Race Condition
CVSS 4.7
CVE-2017-18347 MEDIUM
STM32F0 Series Firmware - Unauthenticated Firmware Extraction via SWD Race Condition
CVSS 4.6
CVE-2017-15358 HIGH
Charles Proxy < 4.2.1 - Local Privilege Escalation via Race Condition in Settings Binary
CVSS 7.0
CVE-2017-2616 MEDIUM
util-linux < 2.32.1 - Authenticated Race Condition via su Child Process Handling
CVSS 5.5
CVE-2017-7543 MEDIUM
OpenStack Neutron < 7.2.0-12.1 - Race Condition Disabling Security Groups
CVSS 5.3
CVE-2017-15856 HIGH
Android - Use-After-Free in Power Stats Debug File Processing
CVSS 7.0
CVE-2017-15843 HIGH
Android - Use-After-Free in msm_bus_floor_vote_context()
CVSS 7.0
CVE-2017-5427 MEDIUM
Firefox < 52.0 - Unauthenticated Arbitrary Code Execution via Chrome Manifest File Injection
CVSS 5.5
CVE-2017-14880 HIGH
Qualcomm Android <2018-04-05 - Info Disclosure
CVSS 7.8
CVE-2017-7004 HIGH
Apple <10.3.2, <10.12.5 - Privilege Escalation
CVSS 7.0
CVE-2017-9691 MEDIUM
Android for MSM/Firefox OS for MSM/QRD Android - Memory Corruption
CVSS 4.7
CVE-2017-15826 HIGH
Android - Double Free in MDSS Rotator
CVSS 7.8
CVE-2017-16512 HIGH
Hashicorp vagrant-vmware-fusion <5.0.4 - Privilege Escalation
CVSS 7.8
CVE-2017-12410 HIGH
Kaseya Virtual System Administrator <9.3.0.11 - Memory Corruption
CVSS 7.4
CVE-2017-18249 HIGH
Linux Kernel < 4.12 - Race Condition in F2FS Node ID Allocation
CVSS 7.0
CVE-2017-15834 HIGH
Android - Heap Overflow via Race Condition in diag_dbgfs_read_dcistats()
CVSS 7.0
CVE-2017-11082 HIGH
Android - Buffer Overflow via WLAN Firmware Update Race Condition
CVSS 7.0
CVE-2017-2619 HIGH
Samba < 4.4.12 - Symlink Race Condition
CVSS 7.5
CVE-2017-18224 MEDIUM
Linux Kernel < 4.15 - Denial of Service via Race Condition in OCFS2 Extent Tree Access
CVSS 4.7
Details
Vulnerabilities 2,398
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits