CVE-2023-35863

MEDIUM Year: 2023
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-362
View all →

Vulnerability Description

In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access.

Related Vulnerabilities

CVE-2010-5153

MEDIUM
CVSS:5.3(Medium)

Race condition in Avira Premium Security Suite 10.0.0.536 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler ...

CWE-3622010

CVE-2010-5164

MEDIUM
CVSS:5.3(Medium)

Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a ...

CWE-3622010

CVE-2016-1670

MEDIUM
CVSS:5.3(Medium)

Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make...

CWE-3622016

CVE-2016-3106

MEDIUM
CVSS:5.3(Medium)

Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner.

CWE-3622016

CVE-2016-4247

MEDIUM
CVSS:5.3(Medium)

Race condition in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information via...

CWE-3622016

CVE-2017-14748

MEDIUM
CVSS:5.3(Medium)

Race condition in Blizzard Overwatch 1.15.0.2 allows remote authenticated users to cause a denial of service (season bans and SR losses for other users) by leaving a competitive match at a specific ti...

CWE-3622017