Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

DATE CVE VULNERABILITY TITLE RISK
2018-04-24 CVE-2016-9038 Race Condition vulnerability in Sophos Invincea-X 6.1.324058
An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058.
local
high complexity
sophos CWE-362
7.8
7.8
2018-04-18 CVE-2016-10439 Race Condition vulnerability in Qualcomm products
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, there is a TOCTOU vulnerability in the input validation for bulletin_board_read syscall.
network
qualcomm CWE-362
critical
 9.3
9.3
2018-04-18 CVE-2016-10435 Race Condition vulnerability in Qualcomm products
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, in some QTEE syscall handlers, a TOCTOU vulnerability exists.
network
qualcomm CWE-362
critical
 9.3
9.3
2018-04-18 CVE-2016-10432 Race Condition vulnerability in Qualcomm products
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, and SD 820A, TOCTOU vulnerabilities may occur while sanitizing userspace values passed to tQSEE system call.
network
qualcomm CWE-362
critical
 9.3
9.3
2018-04-18 CVE-2016-10409 Race Condition vulnerability in Qualcomm products
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, TOCTOU vulnerability may occur while composing the RPMB request using HLOS controlled buffers.
network
qualcomm CWE-362
critical
 9.3
9.3
2018-04-03 CVE-2017-14880 Race Condition vulnerability in Google Android
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while IPA WAN-driver is processing multiple requests from modem/user-space module, the global variable "num_q6_rule" does not have a mutex lock and thus can be accessed and modified by multiple threads.
local
low complexity
google CWE-362
4.6
4.6
2018-04-03 CVE-2018-0492 Race Condition vulnerability in multiple products
Johnathan Nightingale beep through 1.3.4, if setuid, has a race condition that allows local privilege escalation. 		4.4
4.4
2018-04-03 CVE-2018-4167 Race Condition vulnerability in Apple products
An issue was discovered in certain Apple products.
network
high complexity
apple CWE-362
7.6
7.6
2018-04-03 CVE-2018-4166 Race Condition vulnerability in Apple products
An issue was discovered in certain Apple products.
network
high complexity
apple CWE-362
7.6
7.6
2018-04-03 CVE-2018-4158 Race Condition vulnerability in Apple Iphone OS, mac OS X and Watchos
An issue was discovered in certain Apple products.
network
high complexity
apple CWE-362
7.6
7.6