Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-11 | CVE-2018-9586 | Race Condition vulnerability in Google Android In run of InstallPackageTask.java in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, it is possible that package verification is turned off and remains off due to a race condition. | 4.4 |
| 2019-02-11 | CVE-2019-7718 | Race Condition vulnerability in Metinfo An issue was discovered in Metinfo 6.x. | 6.8 |
| 2019-02-04 | CVE-2019-3461 | Race Condition vulnerability in Debian Linux and Tmpreaper Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a (bind) mount via rename() which could result in local privilege escalation. | 4.4 |
| 2019-02-01 | CVE-2016-10741 | Race Condition vulnerability in Linux Kernel In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure. | 4.7 |
| 2019-01-18 | CVE-2018-11998 | Race Condition vulnerability in Qualcomm products While processing a packet decode request in MQTT, Race condition can occur leading to an out-of-bounds access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 427, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016 | 7.9 |
| 2019-01-11 | CVE-2019-6133 | Race Condition vulnerability in multiple products In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. | 4.4 |
| 2019-01-09 | CVE-2018-6158 | Race Condition vulnerability in multiple products A race condition in Oilpan in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 7.5 |
| 2019-01-09 | CVE-2018-16079 | Race Condition vulnerability in multiple products A race condition between permission prompts and navigations in Prompts in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 5.3 |
| 2019-01-09 | CVE-2017-15405 | Race Condition vulnerability in Google Chrome Inappropriate symlink handling and a race condition in the stateful recovery feature implementation could lead to a persistance established by a malicious code running with root privileges in cryptohomed in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to execute arbitrary code via a crafted HTML page. | 7.0 |
| 2018-12-20 | CVE-2018-5198 | Race Condition vulnerability in Wizvera Veraport G3 In Veraport G3 ALL on MacOS, a race condition when calling the Veraport API allow remote attacker to cause arbitrary file download and execution. | 8.1 |