CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-362

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2023-22499 362 2023-01-17 2023-01-25
0.0
None ??? ??? ??? ??? ??? ???
Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the terminal screen after permission prompt was shown and write a generic message. This situation impacts users who use Web Worker API and relied on interactive permission prompt. The reproduction is very timing sensitive and can’t be reliably reproduced on every try. This problem can not be exploited on systems that do not attach an interactive prompt (for example headless servers). The problem has been fixed in Deno v1.29.3; it is recommended all users update to this version. Users are advised to upgrade. Users unable to upgrade may run with --no-prompt flag to disable interactive permission prompts.
2 CVE-2023-21771 362 2023-01-10 2023-01-18
0.0
None ??? ??? ??? ??? ??? ???
Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability.
3 CVE-2023-21766 362 2023-01-10 2023-01-18
0.0
None ??? ??? ??? ??? ??? ???
Windows Overlay Filter Information Disclosure Vulnerability.
4 CVE-2023-21733 362 2023-01-10 2023-01-18
0.0
None ??? ??? ??? ??? ??? ???
Windows Bind Filter Driver Elevation of Privilege Vulnerability.
5 CVE-2023-21725 362 2023-01-10 2023-01-18
0.0
None ??? ??? ??? ??? ??? ???
Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability.
6 CVE-2023-21679 362 Exec Code 2023-01-10 2023-01-18
0.0
None ??? ??? ??? ??? ??? ???
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21543, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556.
7 CVE-2023-21546 362 Exec Code 2023-01-10 2023-01-17
0.0
None ??? ??? ??? ??? ??? ???
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21543, CVE-2023-21555, CVE-2023-21556, CVE-2023-21679.
8 CVE-2023-21542 362 2023-01-10 2023-01-15
0.0
None ??? ??? ??? ??? ??? ???
Windows Installer Elevation of Privilege Vulnerability.
9 CVE-2023-21536 362 2023-01-10 2023-01-17
0.0
None ??? ??? ??? ??? ??? ???
Event Tracing for Windows Information Disclosure Vulnerability. This CVE ID is unique from CVE-2023-21753.
10 CVE-2023-21535 362 Exec Code 2023-01-10 2023-01-17
0.0
None ??? ??? ??? ??? ??? ???
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21548.
11 CVE-2022-46689 362 Exec Code 2022-12-15 2023-01-09
0.0
None ??? ??? ??? ??? ??? ???
A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.
12 CVE-2022-46174 362 2022-12-28 2023-01-11
0.0
None ??? ??? ??? ??? ??? ???
efs-utils is a set of Utilities for Amazon Elastic File System (EFS). A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS connections prior to applying the TLS tunnel. In affected versions, concurrent mount operations can allocate the same local port, leading to either failed mount operations or an inappropriate mapping from an EFS customer’s local mount points to that customer’s EFS file systems. This issue is patched in version v1.34.4. There is no recommended work around. We recommend affected users update the installed version of efs-utils to v1.34.4 or later.
13 CVE-2022-45888 362 2022-11-25 2023-01-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device.
14 CVE-2022-45887 362 2022-11-25 2023-01-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.
15 CVE-2022-45886 362 2022-11-25 2023-01-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.
16 CVE-2022-45885 362 2022-11-25 2023-01-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.
17 CVE-2022-45884 362 2022-11-25 2023-01-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.
18 CVE-2022-45869 362 DoS Mem. Corr. 2022-11-30 2022-12-05
0.0
None ??? ??? ??? ??? ??? ???
A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.
19 CVE-2022-44676 362 Exec Code 2022-12-13 2022-12-16
0.0
None ??? ??? ??? ??? ??? ???
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44670.
20 CVE-2022-44669 362 2022-12-13 2022-12-16
0.0
None ??? ??? ??? ??? ??? ???
Windows Error Reporting Elevation of Privilege Vulnerability.
21 CVE-2022-44563 362 2022-11-09 2022-11-10
0.0
None ??? ??? ??? ??? ??? ???
There is a race condition vulnerability in SD upgrade mode. Successful exploitation of this vulnerability may affect data confidentiality.
22 CVE-2022-44034 362 2022-10-30 2022-11-01
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/scr24x_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between scr24x_open() and scr24x_remove().
23 CVE-2022-44033 362 2022-10-30 2022-11-01
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cm4040_open() and reader_detach().
24 CVE-2022-44032 362 2022-10-30 2022-11-01
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cmm_open() and cm4000_detach().
25 CVE-2022-42930 362 2022-12-22 2022-12-30
0.0
None ??? ??? ??? ??? ??? ???
If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the <code>ThirdPartyUtil</code> component. This vulnerability affects Firefox < 106.
26 CVE-2022-42864 362 Exec Code 2022-12-15 2023-01-09
0.0
None ??? ??? ??? ??? ??? ???
A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.
27 CVE-2022-42832 362 Exec Code 2022-11-01 2023-01-09
0.0
None ??? ??? ??? ??? ??? ???
A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges.
28 CVE-2022-42831 362 Exec Code 2022-11-01 2023-01-09
0.0
None ??? ??? ??? ??? ??? ???
A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges.
29 CVE-2022-42806 362 Exec Code 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.
30 CVE-2022-42803 362 Exec Code 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
A race condition was addressed with improved locking. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1. An app may be able to execute arbitrary code with kernel privileges.
31 CVE-2022-42791 362 Exec Code 2022-11-01 2022-12-08
0.0
None ??? ??? ??? ??? ??? ???
A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.
32 CVE-2022-42771 362 DoS 2022-12-06 2022-12-07
0.0
None ??? ??? ??? ??? ??? ???
In wlan driver, there is a race condition, This could lead to local denial of service in wlan services.
33 CVE-2022-42770 362 DoS 2022-12-06 2022-12-07
0.0
None ??? ??? ??? ??? ??? ???
In wlan driver, there is a race condition, This could lead to local denial of service in wlan services.
34 CVE-2022-41850 362 2022-09-30 2022-12-24
0.0
None ??? ??? ??? ??? ??? ???
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.
35 CVE-2022-41849 362 2022-09-30 2022-12-24
0.0
None ??? ??? ??? ??? ??? ???
drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.
36 CVE-2022-41848 362 2022-09-30 2022-10-04
0.0
None ??? ??? ??? ??? ??? ???
drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.
37 CVE-2022-41118 362 Exec Code 2022-11-09 2022-11-11
0.0
None ??? ??? ??? ??? ??? ???
Windows Scripting Languages Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41128.
38 CVE-2022-41116 362 DoS 2022-11-09 2022-11-15
0.0
None ??? ??? ??? ??? ??? ???
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-41090.
39 CVE-2022-41114 362 2022-11-09 2022-11-15
0.0
None ??? ??? ??? ??? ??? ???
Windows Bind Filter Driver Elevation of Privilege Vulnerability.
40 CVE-2022-41100 362 2022-11-09 2022-11-15
0.0
None ??? ??? ??? ??? ??? ???
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41045, CVE-2022-41093.
41 CVE-2022-41093 362 2022-11-09 2022-11-14
0.0
None ??? ??? ??? ??? ??? ???
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41045, CVE-2022-41100.
42 CVE-2022-41090 362 DoS 2022-11-09 2022-11-14
0.0
None ??? ??? ??? ??? ??? ???
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-41116.
43 CVE-2022-41088 362 Exec Code 2022-11-09 2022-11-14
0.0
None ??? ??? ??? ??? ??? ???
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41039, CVE-2022-41044.
44 CVE-2022-41086 362 2022-11-09 2022-11-10
0.0
None ??? ??? ??? ??? ??? ???
Windows Group Policy Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37992.
45 CVE-2022-41045 362 2022-11-09 2022-11-11
0.0
None ??? ??? ??? ??? ??? ???
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41093, CVE-2022-41100.
46 CVE-2022-41044 362 Exec Code 2022-11-09 2022-11-11
0.0
None ??? ??? ??? ??? ??? ???
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41039, CVE-2022-41088.
47 CVE-2022-41039 362 Exec Code 2022-11-09 2022-11-11
0.0
None ??? ??? ??? ??? ??? ???
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41044, CVE-2022-41088.
48 CVE-2022-41035 362 2022-10-11 2022-11-14
0.0
None ??? ??? ??? ??? ??? ???
Microsoft Edge (Chromium-based) Spoofing Vulnerability.
49 CVE-2022-40310 362 2022-09-23 2022-09-26
0.0
None ??? ??? ??? ??? ??? ???
Authenticated (subscriber+) Race Condition vulnerability in Rate my Post – WP Rating System plugin <= 3.3.4 at WordPress allows attackers to increase/decrease votes.
50 CVE-2022-40130 362 2022-11-18 2022-11-21
0.0
None ??? ??? ??? ??? ??? ???
Auth. (subscriber+) Race Condition vulnerability in WP-Polls plugin <= 2.76.0 on WordPress.
Total number of vulnerabilities : 1178   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.