CWE-362: CWE-362

CVE-2025-66419 is a sandbox escape vulnerability in MaxKB's tool module that allows attackers to escalate privileges under concurrent conditions. This...

CVE-2025-66446 is a privilege escalation vulnerability in MaxKB AI assistant where improper file permissions allow attackers to overwrite critical sys...

A race condition vulnerability in Chrome's V8 JavaScript engine allows remote attackers to potentially exploit heap corruption via a crafted HTML page...

A race condition vulnerability in Chrome's V8 JavaScript engine allows remote attackers to execute arbitrary code within the browser's sandbox by tric...

A race condition vulnerability in WWBN AVideo's aVideoEncoder.json.php unzip functionality allows attackers to execute arbitrary code through speciall...

This CVE describes a race condition vulnerability in BuildKit where two malicious build steps running in parallel with shared cache mounts could allow...

This vulnerability allows an authenticated attacker on a guest virtual machine to execute arbitrary code on the Hyper-V host. It affects Windows syste...

CVE-2021-30465 is a container escape vulnerability in runc that allows attackers to break out of container filesystem isolation through directory trav...

This CVE describes a use-after-free concurrency vulnerability in the graphics module that could allow an attacker to cause system instability or crash...

A race condition vulnerability in the video framework module allows attackers to cause denial of service by exploiting multi-threading timing issues. ...

A race condition vulnerability in the card framework module allows attackers to disrupt system availability through multi-threaded exploitation. This ...

A race condition vulnerability in Okta Java Management SDK versions 11.0.0 through 20.0.0 allows concurrent API requests to interfere with each other,...

A race condition vulnerability in Huawei network management modules allows attackers to cause denial-of-service conditions by exploiting multi-threadi...

This CVE describes a use-after-free vulnerability in the screen recording framework module that could allow attackers to crash affected systems, poten...

This vulnerability allows a local attacker to execute arbitrary code with Trusted Computing Base (TCB) privileges through a race condition in OpenHarm...

This vulnerability allows a local attacker to execute arbitrary code with elevated privileges (in the Trusted Computing Base) through a race condition...

This CVE describes a race condition vulnerability in the RGXMMUCacheInvalidate function of rgxmem.c that allows local privilege escalation to kernel l...

A race condition vulnerability in the binder driver module of Huawei/HarmonyOS devices allows attackers to cause denial-of-service conditions. This af...

This is a use-after-free vulnerability in Qualcomm's kgsl graphics driver that occurs due to a race condition when closing fence file descriptors whil...

This vulnerability in Microsoft Edge (Chromium-based) allows attackers to execute code with elevated privileges by exploiting a race condition (CWE-36...

This vulnerability allows attackers to cause a denial-of-service (DoS) condition in Node.js HTTP/2 servers by sending specially crafted HTTP/2 frames ...

This CVE describes a race condition vulnerability in FreeRDP's serial channel IRP thread tracking that allows heap use-after-free. Attackers could exp...

This vulnerability is a use-after-free flaw in Windows Message Queuing that allows unauthorized attackers to execute arbitrary code remotely over a ne...

A race condition vulnerability in Shopware's voucher system allows attackers to bypass voucher restrictions and exceed usage limits. This affects Shop...

A race condition vulnerability in CatoNetworks CatoClient's PrivilegedHelperTool allows attackers to escalate privileges on macOS systems. This affect...

This vulnerability allows remote code execution on systems running vulnerable LDAP clients. An attacker could execute arbitrary code with the privileg...

A race condition in Gradio's update_root_in_config function allows attackers to redirect frontend-backend communication to malicious servers. This cou...

CVE-2024-7589 is a race condition vulnerability in OpenSSH's sshd on FreeBSD systems that allows unauthenticated remote attackers to potentially execu...

This CVE describes a use-after-free vulnerability in Android's MetaDataBase.cpp due to a race condition. It allows remote attackers to escalate privil...

This CVE describes a race condition vulnerability in AMD System Management Mode (SMM) code that could allow a local attacker with compromised user spa...

This vulnerability is a race condition in OpenPMIx that allows attackers to gain ownership of arbitrary files when the library code runs with root pri...

CVE-2023-32258 is a race condition vulnerability in the Linux kernel's ksmbd SMB server that allows local attackers to escalate privileges to kernel-l...

This vulnerability allows attackers to bypass security features in ASP.NET and Visual Studio, potentially enabling unauthorized access or privilege es...

This vulnerability allows remote attackers to execute arbitrary code on Windows systems by exploiting a flaw in the Point-to-Point Tunneling Protocol ...

This CVE describes a race condition vulnerability in Apple operating systems that could allow an application to gain elevated privileges. The vulnerab...

A race condition in the getaddrinfo function in Mozilla Thunderbird and Firefox on Linux systems could cause memory corruption and lead to a potential...

This vulnerability in the tiny_future Rust crate allows data races and memory corruption when Future<T> objects are sent or shared between threads wit...

This vulnerability in the libsbc Rust crate allows Send trait implementation for any Read type in Decoder<R>, potentially enabling data races and memo...

This vulnerability in the beef crate for Rust allows data races when beef::Cow objects are sent between threads without proper synchronization. It aff...

This vulnerability in the convec Rust crate allows data races and memory corruption by incorrectly marking ConVec<T> as thread-safe (Send and Sync) wh...

This vulnerability in the v9 Rust crate allows data races due to an unconditional Sync implementation for SyncRef<T>, violating Rust's safety guarante...

This vulnerability in the parc Rust crate allows data races and memory corruption by enabling unsafe concurrent access across threads. It affects any ...

This vulnerability in the Rust lexer crate involves an incorrect Sync trait implementation for ReaderResult<T, E> that only requires T: Send and E: Se...

This vulnerability in the unicycle Rust crate allows data races and memory corruption when PinSlab<T> and Unordered<T, S> types are sent or shared bet...