Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-29 | CVE-2017-16512 | Race Condition vulnerability in Hashicorp Vagrant VMWare Fusion 5.0.2/5.0.3/5.0.4 The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available. | 7.2 |
| 2018-03-28 | CVE-2018-8885 | Race Condition vulnerability in Canonical Screen-Resolution-Extra and Ubuntu Linux screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race condition via a setuid or pkexec process that is mishandled in a PolicyKitService._check_permission call. | 4.4 |
| 2018-03-26 | CVE-2017-12410 | Race Condition vulnerability in Kaseya Virtual System Administrator It is possible to exploit a Time of Check & Time of Use (TOCTOU) vulnerability by winning a race condition when Kaseya Virtual System Administrator agent 9.3.0.11 and earlier tries to execute its binaries from working and/or temporary folders. | 6.9 |
| 2018-03-26 | CVE-2017-18249 | Race Condition vulnerability in Linux Kernel The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads. | 4.4 |
| 2018-03-12 | CVE-2018-7562 | Race Condition vulnerability in Glpi-Project Glpi A remote code execution issue was discovered in GLPI through 9.2.1. | 6.0 |
| 2018-03-12 | CVE-2017-18224 | Race Condition vulnerability in Linux Kernel In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field. | 1.9 |
| 2018-03-09 | CVE-2018-7995 | Race Condition vulnerability in multiple products Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck<cpu number> directory. | 4.7 |
| 2018-03-06 | CVE-2017-6296 | Race Condition vulnerability in multiple products NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. | 4.4 |
| 2018-03-01 | CVE-2017-14798 | Race Condition vulnerability in multiple products A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root. | 7.0 |
| 2018-02-27 | CVE-2017-18203 | Race Condition vulnerability in Linux Kernel The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices. | 1.9 |