Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-08-30 | CVE-2010-2792 | Race Condition vulnerability in Redhat Spice-Xpi 2.2 Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to obtain sensitive information, and conduct man-in-the-middle attacks, by providing a UNIX socket for communication between this plug-in and the client (aka qspice-client) in qspice 0.3.0, and then accessing this socket. | 3.3 |
| 2010-08-11 | CVE-2010-2558 | Race Condition vulnerability in Microsoft Internet Explorer 6/7/8 Race condition in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to an object in memory, aka "Race Condition Memory Corruption Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-1888 | Race Condition vulnerability in Microsoft Windows XP Race condition in the kernel in Microsoft Windows XP SP3 allows local users to gain privileges via vectors involving thread creation, aka "Windows Kernel Data Initialization Vulnerability." | 6.8 |
| 2010-06-22 | CVE-2010-1775 | Race Condition vulnerability in Apple Iphone OS Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot. | 1.9 |
| 2010-06-07 | CVE-2010-2024 | Race Condition vulnerability in Exim transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/. | 4.4 |
| 2010-06-07 | CVE-2010-2023 | Race Condition vulnerability in Exim transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file. | 4.4 |
| 2010-04-20 | CVE-2010-1151 | Race Condition vulnerability in Apache Http Server Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials. | 6.8 |
| 2010-04-16 | CVE-2010-1161 | Race Condition vulnerability in GNU Nano Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files. | 3.7 |
| 2010-04-15 | CVE-2010-0436 | Race Condition vulnerability in KDE SC Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm. | 6.9 |
| 2010-04-01 | CVE-2010-1228 | Race Condition vulnerability in Google Chrome Multiple race conditions in the sandbox infrastructure in Google Chrome before 4.1.249.1036 have unspecified impact and attack vectors. | 10.0 |