Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-28 | CVE-2015-5191 | Race Condition vulnerability in VMWare Tools VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. | 6.7 |
| 2017-07-25 | CVE-2015-7543 | Race Condition vulnerability in multiple products aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory. | 7.0 |
| 2017-07-17 | CVE-2017-11353 | Race Condition vulnerability in Yadm Project Yadm 1.10.0 yadm (yet another dotfile manager) 1.10.0 has a race condition (related to the behavior of git commands in setting permissions for new files and directories), which potentially allows access to SSH and PGP keys. | 5.9 |
| 2017-07-17 | CVE-2016-4984 | Race Condition vulnerability in Openldap Openldap-Servers /usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it. | 4.7 |
| 2017-07-17 | CVE-2016-4982 | Race Condition vulnerability in Teether Authd authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it. | 4.7 |
| 2017-07-17 | CVE-2016-0764 | Race Condition vulnerability in Redhat Networkmanager Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes. | 6.2 |
| 2017-07-07 | CVE-2014-7953 | Race Condition vulnerability in Google Android 4.4.4 Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a crafted script to process logcat's output looking for a dexopt line, which once found should execute bindBackupAgent with the uid member of the ApplicationInfo parameter set to 1000. | 7.0 |
| 2017-07-05 | CVE-2017-10915 | Race Condition vulnerability in XEN The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219. | 9.0 |
| 2017-06-13 | CVE-2017-8242 | Race Condition vulnerability in Google Android In all Android releases from CAF using the Linux kernel, a race condition exists in a QTEE driver potentially leading to an arbitrary memory write. | 5.9 |
| 2017-06-13 | CVE-2017-7372 | Race Condition vulnerability in Google Android In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to buffer overflow or write to arbitrary pointer location. | 7.0 |