Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-11 | CVE-2019-19580 | Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an incomplete fix for CVE-2019-18421. | 6.6 |
| 2019-12-06 | CVE-2019-2219 | Race Condition vulnerability in Google Android 10.0/9.0 In several functions of NotificationManagerService.java and related files, there is a possible way to record audio from the background without notification to the user due to a permission bypass. | 4.7 |
| 2019-12-03 | CVE-2019-19537 | Race Condition vulnerability in Linux Kernel In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9. | 4.2 |
| 2019-11-21 | CVE-2014-5255 | Race Condition vulnerability in multiple products xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. | 7.0 |
| 2019-11-21 | CVE-2014-5254 | Race Condition vulnerability in Xcfa Project Xcfa xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. | 4.7 |
| 2019-11-19 | CVE-2016-1000236 | Race Condition vulnerability in multiple products Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used. | 4.4 |
| 2019-11-12 | CVE-2019-1416 | Race Condition vulnerability in Microsoft products An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. | 7.0 |
| 2019-11-09 | CVE-2009-4011 | Race Condition vulnerability in Dtc-Xen Project Dtc-Xen dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get a bash access as xenXX user on the dom0, and then access a potentially reuse an already opened VPS console. | 8.1 |
| 2019-11-06 | CVE-2006-4245 | Race Condition vulnerability in multiple products archivemail 0.6.2 uses temporary files insecurely leading to a possible race condition. | 8.1 |
| 2019-11-06 | CVE-2019-8232 | Race Condition vulnerability in Magento In Magento prior to 1.9.4.3, Magento prior to 1.14.4.3, Magento 2.2 prior to 2.2.10, and Magento 2.3 prior to 2.3.3 or 2.3.2-p1, an authenticated user with administrative privileges for the import feature can execute arbitrary code through a race condition that allows webserver configuration file modification. | 6.6 |