Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-02-06 | CVE-2014-5332 | Race Condition vulnerability in Linux Kernel 3.10 Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox. | 6.9 |
| 2015-01-14 | CVE-2014-8640 | Race Condition vulnerability in multiple products The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls. | 5.0 |
| 2014-12-17 | CVE-2014-7170 | Race Condition vulnerability in Puppet Server 0.2.0 Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service. | 1.9 |
| 2014-11-30 | CVE-2014-9150 | Race Condition vulnerability in Adobe Acrobat and Acrobat Reader Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568. | 6.4 |
| 2014-11-26 | CVE-2014-8005 | Race Condition vulnerability in Cisco IOS XR Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (process reload) by establishing many TCP sessions, aka Bug ID CSCuq45239. | 5.0 |
| 2014-11-16 | CVE-2014-2667 | Race Condition vulnerability in Python Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has been set to the expected value. | 3.3 |
| 2014-11-10 | CVE-2014-3611 | Race Condition vulnerability in multiple products Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation. | 4.7 |
| 2014-10-19 | CVE-2014-3406 | Race Condition vulnerability in Cisco Intrusion Prevention System Race condition in the IP logging feature in Cisco Intrusion Prevention System (IPS) Software 7.1(7)E4 and earlier allows remote attackers to cause a denial of service (device reload) via crafted IP traffic that matches a problematic rule, aka Bug ID CSCud82085. | 7.1 |
| 2014-10-18 | CVE-2014-4438 | Race Condition vulnerability in Apple mac OS X Race condition in LoginWindow in Apple OS X before 10.10 allows physically proximate attackers to obtain access by leveraging an unattended workstation on which screen locking had been attempted. | 6.9 |
| 2014-10-15 | CVE-2014-8750 | Race Condition vulnerability in Openstack Nova Race condition in the VMware driver in OpenStack Compute (Nova) before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances. | 6.5 |