CWE-362

Medium likelihood

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Parent: CWE-662 - Improper Synchronization

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

2,400 vulnerabilities with CWE-362
CVE-2015-0631
Cisco IPS Sensor Software - Denial of Service via HTTPS Connection Race Condition
CVE-2015-0609
Cisco IOS < 15.4(2)T3 - Denial of Service via Race Condition in Common Classification Engine
CVE-2015-0245
Freedesktop Dbus - Race Condition
CVE-2015-0610
Cisco IOS < 15.5(2)T - Race Condition in Object-Group ACL Feature
CVE-2015-0608
Cisco IOS < 15.4(2)T3 - Denial of Service via MACE Process Switching Race Condition
CVE-2015-1200
pxz 4.999.99 Beta 3 - Info Disclosure
CVE-2014-9748 HIGH
libuv < 1.7.4 - Denial of Service via Race Condition in Windows XP RWLock Implementation
CVSS 8.1
CVE-2014-3856 HIGH
fish 1.23.0-2.1.1 - Local Privilege Escalation via Predictable Temporary File
CVSS 7.0
CVE-2014-2906 HIGH
fish 1.16.0-2.1.1 - Local Arbitrary Command Execution via Predictable Temporary File
CVSS 7.0
CVE-2014-0245 MEDIUM
JBoss Portal <6.2.0 - Info Disclosure
CVSS 5.9
CVE-2014-3701 HIGH
eDeploy - Race Condition via Temporary File Handling
CVSS 8.1
CVE-2014-5255 HIGH
xcfa < 5.0.1 - Symlink Attack via Insecure Temporary File Creation
CVSS 7.0
CVE-2014-5254 MEDIUM
xcfa < 5.0.1 - Symlink Attack via Insecure Temporary File Creation
CVSS 4.7
CVE-2014-4995 HIGH
VladTheEnterprising 0.2 - Info Disclosure
CVSS 7.0
CVE-2014-7953 HIGH
Android 4.4.4 - Race Condition in ActivityManagerService bindBackupAgent
CVSS 7.0
CVE-2014-9966 HIGH
Android - Time-of-check Time-of-use Race Condition in Secure Display
CVSS 7.0
CVE-2014-9941 HIGH
Android - Time-of-Check Time-of-Use Race Condition in Embedded File System
CVSS 7.0
CVE-2014-9936 HIGH
Android TrustZone - Time-of-Check Time-of-Use Race Condition in Authentication Routine
CVSS 7.0
CVE-2014-9914 HIGH
Linux Kernel < 3.15.2 - Use-After-Free via IPv4 UDP Socket Race Condition
CVSS 7.8
CVE-2014-9710
Linux kernel <3.19 - Privilege Escalation
CVE-2014-8122
JBoss Weld < 2.2.8 - Information Disclosure via Stale Thread State
CVE-2014-4813
IBM Tivoli Storage Manager <7.1.1 - Privilege Escalation
CVE-2014-5332
NVIDIA Tegra Linux Kernel 3.10 - Privilege Escalation via NVMap NVMAP_IOC_CREATE IOCTL Race Condition
CVE-2014-8640
Mozilla Firefox <35.0 & SeaMonkey <2.32 - DoS
CVE-2014-9529
Linux Kernel < 3.2.67 - Denial of Service via Key Garbage Collection Race Condition
Details
Vulnerabilities 2,400
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits