Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-11353 | Race Condition vulnerability in Yadm Project Yadm 1.10.0 yadm (yet another dotfile manager) 1.10.0 has a race condition (related to the behavior of git commands in setting permissions for new files and directories), which potentially allows access to SSH and PGP keys. | 5.9 |
| 2017-07-17 | CVE-2016-4984 | Race Condition vulnerability in Openldap Openldap-Servers /usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it. | 4.7 |
| 2017-07-17 | CVE-2016-4982 | Race Condition vulnerability in Teether Authd authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it. | 4.7 |
| 2017-07-17 | CVE-2016-0764 | Race Condition vulnerability in Redhat Networkmanager Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes. | 6.2 |
| 2017-07-07 | CVE-2014-7953 | Race Condition vulnerability in Google Android 4.4.4 Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a crafted script to process logcat's output looking for a dexopt line, which once found should execute bindBackupAgent with the uid member of the ApplicationInfo parameter set to 1000. | 7.0 |
| 2017-07-05 | CVE-2017-10915 | Race Condition vulnerability in XEN The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219. | 9.0 |
| 2017-06-13 | CVE-2017-8242 | Race Condition vulnerability in Google Android In all Android releases from CAF using the Linux kernel, a race condition exists in a QTEE driver potentially leading to an arbitrary memory write. | 5.9 |
| 2017-06-13 | CVE-2017-7372 | Race Condition vulnerability in Google Android In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to buffer overflow or write to arbitrary pointer location. | 7.0 |
| 2017-06-13 | CVE-2017-7368 | Race Condition vulnerability in Google Android In all Android releases from CAF using the Linux kernel, a race condition potentially exists in the ioctl handler of a sound driver. | 7.0 |
| 2017-06-13 | CVE-2015-9022 | Race Condition vulnerability in Google Android In all Android releases from CAF using the Linux kernel, time-of-check Time-of-use (TOCTOU) Race Conditions exist in several TZ APIs. | 7.0 |