Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-22 | CVE-2015-1340 | Race Condition vulnerability in Linuxcontainers LXD LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer() has an unsafe Chmod() call that races against the stat in the Filepath.Walk() function. | 6.8 |
| 2019-04-12 | CVE-2019-11191 | Race Condition vulnerability in Linux Kernel The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat. | 2.5 |
| 2019-04-12 | CVE-2019-11190 | Race Condition vulnerability in Linux Kernel The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat. | 4.7 |
| 2019-04-08 | CVE-2019-0217 | Race Condition vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. | 7.5 |
| 2019-04-03 | CVE-2018-4266 | Race Condition vulnerability in Apple products A race condition was addressed with additional validation. | 4.3 |
| 2019-04-03 | CVE-2017-7151 | Race Condition vulnerability in Apple products A race condition was addressed with additional validation. | 5.1 |
| 2019-03-15 | CVE-2018-18253 | Race Condition vulnerability in Capmon Access Manager 5.4.1.1005 An issue was discovered in CapMon Access Manager 5.4.1.1005. | 6.9 |
| 2019-03-12 | CVE-2019-9710 | Race Condition vulnerability in Webargs Project Webargs An issue was discovered in webargs before 5.1.3, as used with marshmallow and other products. | 6.8 |
| 2019-03-07 | CVE-2018-18808 | Race Condition vulnerability in Tibco products The domain management component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a race-condition vulnerability that may allow any users with domain save privileges to gain superuser privileges. | 8.5 |
| 2019-02-28 | CVE-2019-1992 | Race Condition vulnerability in Google Android In bta_hl_sdp_query_results of bta_hl_main.cc, there is a possible use-after-free due to a race condition. | 7.6 |