Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-28 | CVE-2021-43980 | Race Condition vulnerability in multiple products The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client. | 3.7 |
| 2022-09-26 | CVE-2022-2854 | Race Condition vulnerability in multiple products Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-09-26 | CVE-2022-2857 | Race Condition vulnerability in multiple products Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-09-26 | CVE-2022-3042 | Race Condition vulnerability in multiple products Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-09-26 | CVE-2022-3049 | Race Condition vulnerability in multiple products Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-09-26 | CVE-2022-3071 | Race Condition vulnerability in multiple products Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction. | 8.8 |
| 2022-09-09 | CVE-2022-40307 | Race Condition vulnerability in multiple products An issue was discovered in the Linux kernel through 5.19.8. | 4.7 |
| 2022-09-06 | CVE-2022-26450 | Race Condition vulnerability in Google Android 12.0 In apusys, there is a possible use after free due to a race condition. | 6.4 |
| 2022-09-02 | CVE-2022-39188 | Race Condition vulnerability in multiple products An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. | 4.7 |
| 2022-09-01 | CVE-2022-1729 | Race Condition vulnerability in multiple products A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. | 7.0 |