Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

DATE CVE VULNERABILITY TITLE RISK
2017-10-10 CVE-2017-9697 Race Condition vulnerability in Google Android 8.0
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while reading command registration table entries in diag_dbgfs_read_table.
local
high complexity
google CWE-362
7.0
2017-10-10 CVE-2015-8239 Race Condition vulnerability in Sudo Project Sudo
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.
local
high complexity
sudo-project CWE-362
7.0
2017-10-10 CVE-2017-15038 Race Condition vulnerability in Qemu
Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes.
local
high complexity
qemu CWE-362
5.6
2017-10-05 CVE-2017-1000112 Race Condition vulnerability in Linux Kernel
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch.
local
high complexity
linux CWE-362
7.0
2017-10-02 CVE-2017-14955 Race Condition vulnerability in Checkmk
Check_MK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to obtain sensitive user information by reading a GUI crash report.
network
high complexity
checkmk CWE-362
5.9
2017-09-26 CVE-2017-14748 Race Condition vulnerability in Blizzard Overwatch 1.15.0.2
Race condition in Blizzard Overwatch 1.15.0.2 allows remote authenticated users to cause a denial of service (season bans and SR losses for other users) by leaving a competitive match at a specific time during the initial loading of that match.
network
high complexity
blizzard CWE-362
5.3
2017-09-25 CVE-2017-1346 Race Condition vulnerability in IBM Business Process Manager
IBM Business Process Manager 7.5, 8.0, and 8.5 temporarily stores files in a temporary folder during offline installs which could be read by a local user within a short timespan.
local
high complexity
ibm CWE-362
2.5
2017-09-21 CVE-2017-9677 Race Condition vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, in function msm_compr_ioctl_shared, variable "ddp->params_length" could be accessed and modified by multiple threads, while it is not protected with locks.
local
low complexity
google CWE-362
7.8
2017-09-21 CVE-2017-8281 Race Condition vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI.
local
high complexity
google CWE-362
4.7
2017-09-20 CVE-2015-1865 Race Condition vulnerability in GNU Coreutils 8.4
fts.c in coreutils 8.4 allows local users to delete arbitrary files.
local
high complexity
gnu CWE-362
4.7