Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-362

CWE-362

Medium likelihood

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Parent: CWE-662 - Improper Synchronization

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

2,400 vulnerabilities with CWE-362

Microsoft Windows 2003 Server - Race Condition

SUSE Linux - Race Condition in xfs_fsr Temporary Directory Creation

Apache HTTP Server 2.2.3 - Local Privilege Escalation via Race Condition in suexec

C1 Financial Services Contelligent 9.1.4 - Privilege Escalation

Microsoft XML Core Services 3.0 - Remote Code Execution via Nested XML Tags in IFRAME

CVE-2006-4245 HIGH

archivemail 0.6.2 - Race Condition via Insecure Temporary File Handling

Solaris 8-10 - Denial of Service via Race Condition in Kernel

PHP < 5.1.6 - Race Condition in Symlink Function

Roxio Toast Titanium 7 - Local Privilege Escalation via Temporary File Race Condition

Linux kernel <2.6.16 - Buffer Overflow

Microsoft IE - Race Condition

gdm - Local Privilege Escalation via .ICEauthority Symlink Race Condition

CVE-2005-2352 HIGH

gs-gpl < 8.56 - Race Condition in Temp File Handling

Philippe Jounin Tftpd32 < 2.80 - Denial of Service via Invalid Connect Frames

Microsoft IE - Race Condition

Opera Browser < 7.53 - URL Spoofing via Race Condition in Address Bar

Mozilla - Race Condition

IBM AIX - Privilege Escalation via Symlink Attack on Inventory Scout Daemon Log File

imwheel < 1.0.0pre11 - Denial of Service via Symlink Attack on PID File

BEA WebLogic Server 5.1-7.0.0.1 - Unprotected User Data Exposure via Session Replication Race Condition

OpenSSH <= 3.6.1p2 - Timing Attack via PAM Keyboard-Interactive Authentication

akfingerd 0.5 - Denial of Service via Symlink to Device File

Sun PatchPro 2.0 - Race Condition via Unsafe Temporary File Handling

GNOME esound <= 0.2.19 - Race Condition via Unix Domain Socket Creation

Microsoft Commercial Internet System - Information Disclosure via SSL ISAPI Filter Race Condition

Previous Page 96 of 96

Details

Vulnerabilities 2,400

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy