VYPR

CWE-662

Improper Synchronization

ClassDraft

Description

The product utilizes multiple threads, processes, components, or systems to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-25 · CAPEC-26 · CAPEC-27 · CAPEC-29

CVEs mapped to this weakness (27)

page 1 of 2
  • CVE-2016-8368HigFeb 13, 2017
    risk 0.56cvss 8.6epss 0.03

    An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote…

  • CVE-2024-7409HigAug 5, 2024
    risk 0.49cvss 7.5epss 0.01

    A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.

  • CVE-2026-39865MedApr 8, 2026
    risk 0.31cvss 5.9epss 0.01

    Axios is a promise based HTTP client for the browser and Node.js. Starting in version 1.13.0 and prior to 1.13.2, Axios HTTP/2 session cleanup logic contains a state corruption bug that allows a malicious server to crash the client process through concurrent session closures.…

  • CVE-2025-22853LowAug 12, 2025
    risk 0.15cvss 2.3epss 0.00

    Improper synchronization in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2026-47703Jun 4, 2026
    risk 0.00cvss epss 0.00

    ## Summary This report covers the client-triggered DoQ forwarding path in: - `dnsproxy` `v0.81.2` (`adguard/dnsproxy:v0.81.2`) - `AdGuard Home` `v0.107.74` (`adguard/adguardhome:latest`, image version label `v0.107.74`) The issue was reproduced on `2026-04-25` with the…

  • CVE-2026-28789Mar 5, 2026
    risk 0.00cvss epss 0.00

    OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin’s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared…

  • CVE-2025-27104Feb 21, 2025
    risk 0.00cvss epss 0.00

    vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single expression is possible in the iterator target of a for loop. While the iterator expression cannot produce multiple writes, it can consume side effects produced in the loop body (e.g. read a…

  • CVE-2024-32644Apr 19, 2024
    risk 0.00cvss epss 0.01

    Evmos is a scalable, high-throughput Proof-of-Stake EVM blockchain that is fully compatible and interoperable with Ethereum. Prior to 17.0.0, there is a way to mint arbitrary tokens due to the possibility to have two different states not in sync during the execution of a…

  • CVE-2023-2801Jun 6, 2023
    risk 0.00cvss epss 0.01

    Grafana is an open-source platform for monitoring and observability. Using public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance. The only feature that uses mixed queries at…

  • CVE-2022-25210Feb 15, 2022
    risk 0.00cvss epss 0.01

    Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured.

  • CVE-2021-41213Nov 5, 2021
    risk 0.00cvss epss 0.00

    TensorFlow is an open source platform for machine learning. In affected versions the code behind `tf.function` API can be made to deadlock when two `tf.function` decorated Python functions are mutually recursive. This occurs due to using a non-reentrant `Lock` Python object.…

  • CVE-2020-36204Jan 22, 2021
    risk 0.00cvss epss 0.00

    An issue was discovered in the im crate through 2020-11-09 for Rust. Because TreeFocus does not have bounds on its Send trait or Sync trait, a data race can occur.

  • CVE-2020-36206Jan 22, 2021
    risk 0.00cvss epss 0.00

    An issue was discovered in the rusb crate before 0.7.0 for Rust. Because of a lack of Send and Sync bounds, a data race and memory corruption can occur.

  • CVE-2020-36207Jan 22, 2021
    risk 0.00cvss epss 0.00

    An issue was discovered in the aovec crate through 2020-12-10 for Rust. Because Aovec does not have bounds on its Send trait or Sync trait, a data race and memory corruption can occur.

  • CVE-2020-36208Jan 22, 2021
    risk 0.00cvss epss 0.00

    An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption.

  • CVE-2020-36209Jan 22, 2021
    risk 0.00cvss epss 0.00

    An issue was discovered in the late-static crate before 0.4.0 for Rust. Because Sync is implemented for LateStatic with T: Send, a data race can occur.

  • CVE-2020-36211Jan 22, 2021
    risk 0.00cvss epss 0.00

    An issue was discovered in the gfwx crate before 0.3.0 for Rust. Because ImageChunkMut does not have bounds on its Send trait or Sync trait, a data race and memory corruption can occur.

  • CVE-2020-36214Jan 22, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in the multiqueue2 crate before 0.1.7 for Rust. Because a non-Send type can be sent to a different thread, a data race can occur.

  • CVE-2020-36215Jan 22, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in the hashconsing crate before 1.1.0 for Rust. Because HConsed does not have bounds on its Send trait or Sync trait, memory corruption can occur.

  • CVE-2020-36216Jan 22, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in Input in the eventio crate before 0.5.1 for Rust. Because a non-Send type can be sent to a different thread, a data race and memory corruption can occur.