Vulnerabilities (CVE)

Filtered by CWE-362
Total 1546 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-1228 1 Google 1 Chrome 2024-02-28 10.0 HIGH N/A
Multiple race conditions in the sandbox infrastructure in Google Chrome before 4.1.249.1036 have unspecified impact and attack vectors.
CVE-2010-2653 1 Linux 1 Linux Kernel 2024-02-28 6.9 MEDIUM N/A
Race condition in the hvc_close function in drivers/char/hvc_console.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service or possibly have unspecified other impact by closing a Hypervisor Virtual Console device, related to the hvc_open and hvc_remove functions.
CVE-2010-5074 1 Mozilla 3 Firefox, Seamonkey, Thunderbird 2024-02-28 4.3 MEDIUM N/A
The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets (CSS) token sequences, which makes it easier for remote attackers to obtain sensitive information about visited web pages via a timing attack.
CVE-2010-3412 1 Google 1 Chrome 2024-02-28 9.3 HIGH N/A
Race condition in the console implementation in Google Chrome before 6.0.472.59 has unspecified impact and attack vectors.
CVE-2010-4526 3 Linux, Redhat, Vmware 3 Linux Kernel, Enterprise Mrg, Esx 2024-02-28 7.1 HIGH N/A
Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function.
CVE-2011-0695 3 Canonical, Linux, Redhat 7 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 4 more 2024-02-28 5.7 MEDIUM N/A
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.
CVE-2010-4807 1 Ibm 1 Web Content Manager 2024-02-28 3.5 LOW N/A
Race condition in IBM Web Content Manager (WCM) 7.0.0.1 before CF003 allows remote authenticated users to cause a denial of service (infinite recursive query) via unspecified vectors, related to a StackOverflowError exception.
CVE-2010-4295 3 Apple, Linux, Vmware 6 Mac Os X, Linux Kernel, Fusion and 3 more 2024-02-28 6.9 MEDIUM N/A
Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.
CVE-2010-3493 1 Python 1 Python 2024-02-28 4.3 MEDIUM N/A
Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492.
CVE-2011-1485 1 Redhat 1 Policykit 2024-02-28 6.9 MEDIUM N/A
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.
CVE-2009-5010 1 G.rodola 1 Pyftpdlib 2024-02-28 4.3 MEDIUM N/A
Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.1 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, a different vulnerability than CVE-2010-3494.
CVE-2010-1123 1 Chip Salzenberg 1 Deliver 2024-02-28 2.1 LOW N/A
Chip Salzenberg Deliver does not properly associate a lockfile with the user who created the file, which allows local users to cause a denial of service (blockage of incoming e-mail) by creating lockfiles for arbitrary mailboxes.
CVE-2010-1161 1 Gnu 1 Nano 2024-02-28 3.7 LOW N/A
Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files.
CVE-2010-4765 1 Otrs 1 Otrs 2024-02-28 4.9 MEDIUM N/A
Race condition in the Kernel::System::Main::FileWrite method in Open Ticket Request System (OTRS) before 2.4.8 allows remote authenticated users to corrupt the TicketCounter.log data in opportunistic circumstances by creating tickets.
CVE-2012-0644 1 Apple 1 Iphone Os 2024-02-28 6.9 MEDIUM N/A
Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture.
CVE-2010-0732 1 Gnome 2 Gtk, Screensaver 2024-02-28 6.2 MEDIUM N/A
gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times.
CVE-2010-2024 1 Exim 1 Exim 2024-02-28 4.4 MEDIUM N/A
transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
CVE-2011-3961 1 Google 1 Chrome 2024-02-28 9.3 HIGH N/A
Race condition in Google Chrome before 17.0.963.46 allows remote attackers to execute arbitrary code via vectors that trigger a crash of a utility process.
CVE-2011-0753 1 Php 1 Php 2024-02-28 4.3 MEDIUM N/A
Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals.
CVE-2011-1444 3 Debian, Google, Linux 3 Debian Linux, Chrome, Linux Kernel 2024-02-28 6.8 MEDIUM N/A
Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.