Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-11 | CVE-2022-38027 | Race Condition vulnerability in Microsoft products Windows Storage Elevation of Privilege Vulnerability | 7.0 |
| 2022-10-11 | CVE-2022-38029 | Race Condition vulnerability in Microsoft products Windows ALPC Elevation of Privilege Vulnerability | 7.0 |
| 2022-10-11 | CVE-2022-38047 | Race Condition vulnerability in Microsoft products Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
| 2022-10-11 | CVE-2022-41035 | Race Condition vulnerability in Microsoft Edge Chromium Microsoft Edge (Chromium-based) Spoofing Vulnerability | 5.3 |
| 2022-09-28 | CVE-2021-43980 | Race Condition vulnerability in multiple products The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client. | 3.7 |
| 2022-09-26 | CVE-2022-2854 | Race Condition vulnerability in multiple products Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-09-26 | CVE-2022-2857 | Race Condition vulnerability in multiple products Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-09-26 | CVE-2022-3042 | Race Condition vulnerability in multiple products Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-09-26 | CVE-2022-3049 | Race Condition vulnerability in multiple products Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-09-26 | CVE-2022-3071 | Race Condition vulnerability in multiple products Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction. | 8.8 |