CWE-362

Medium likelihood

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Parent: CWE-662 - Improper Synchronization

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

2,400 vulnerabilities with CWE-362
CVE-2014-7170
Puppet Server <0.2.0 - Info Disclosure
CVE-2014-9150
Adobe Reader/Acrobat <11.0.09 - Privilege Escalation
CVE-2014-7842
Linux Kernel < 3.17.4 - Denial of Service via MMIO/PIO Transaction Race Condition
CVE-2014-8005
Cisco IOS XR < 5.1.0 - Denial of Service via Lighttpd TCP Session Race Condition
CVE-2014-2667
Python 3.2-3.5 - Race Condition in _get_masked_mode Function
CVE-2014-3611 MEDIUM
Linux Kernel < 3.17.2 - Denial of Service via KVM PIT Emulation Race Condition
CVSS 4.7
CVE-2014-3406
Cisco Intrusion Prevention System < 7.1(7)e4 - Denial of Service via IP Logging Feature Race Condition
CVE-2014-4438
Apple OS X <10.10 - Info Disclosure
CVE-2014-8750
OpenStack Compute (Nova) <2014.1.4, <2014.2-2014.2rc1 - Privilege E...
CVE-2014-8086 MEDIUM
Linux Kernel < 3.17 - Denial of Service via Race Condition in ext4_file_write_iter
CVSS 4.7
CVE-2014-3385
Cisco ASA Software 8.3-9.1 - Denial of Service via TCP Half-Open Connection Race Condition
CVE-2014-7154
Xen 4.0.0-4.4.x - DoS
CVE-2014-4386
Apple iOS <8 - Privilege Escalation
CVE-2014-4353
iPhone OS < 7.1.2 - Information Disclosure via iMessage Attachment Race Condition
CVE-2014-5033
KDE kdelibs < 4.14 and kauth < 5.1 - Local Privilege Escalation via PolkitUnixProcess Race Condition
CVE-2014-3509
OpenSSL 1.0.0-1.0.0m and 1.0.1-1.0.1h - Denial of Service via EC Supported Point Formats Extension Race Condition
CVE-2014-3251
Puppet Enterprise < 3.3.0 and Mcollective < 2.5.3 - Race Condition in aes_security Plugin
CVE-2014-5195
Unity < 7.2.3 and 7.3.x < 7.3.1 - Lock Screen Bypass via Keyboard Focus Race Condition
CVE-2014-1419
acpi-support < 0.142 - Privilege Escalation via Race Condition in Power Policy Functions
CVE-2014-0226
Apache HTTP Server 2.2.0-2.2.28 - Denial of Service via mod_status Scoreboard Handling
CVE-2014-4699
Linux kernel <3.15.4 - Privilege Escalation
CVE-2014-4652
Linux Kernel <3.15.2 - Info Disclosure
CVE-2014-3940
Linux kernel <3.14.5 - Memory Corruption
CVE-2014-0196 MEDIUM KEV
Linux Kernel < 3.14.3 - Denial of Service and Privilege Escalation via Race Condition in n_tty_write
CVSS 5.5
CVE-2014-1441
Core FTP Server 1.2 - Denial of Service via Malformed AUTH SSL Command
Details
Vulnerabilities 2,400
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits