Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2022-26387 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Mozilla Firefox When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. | 7.5 |
| 2022-12-14 | CVE-2022-3590 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Wordpress WordPress is affected by an unauthenticated blind SSRF in the pingback feature. | 5.9 |
| 2022-12-12 | CVE-2022-44651 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Trendmicro Apex ONE 14.0.10349/2019 A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.0 |
| 2022-12-08 | CVE-2022-39908 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write. | 7.4 |
| 2022-11-30 | CVE-2022-45842 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Technowich WP Ulike Unauth. | 3.7 |
| 2022-11-23 | CVE-2022-34830 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in ARM Utgard GPU Kernel Driver R11P0/R12P0 An Arm product family through 2022-06-29 has a TOCTOU Race Condition that allows non-privileged user to make improper GPU processing operations to gain access to already freed memory. | 7.5 |
| 2022-11-15 | CVE-2022-30283 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem that could be used by an attacker to cause SMRAM corruption and escalation of privileges The UsbCoreDxe module creates a working buffer for USB transactions outside of SMRAM. | 7.5 |
| 2022-11-15 | CVE-2022-30774 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) . | 6.4 |
| 2022-11-15 | CVE-2022-31243 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel Update description and links DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption through a TOCTOU attack.. | 6.4 |
| 2022-11-15 | CVE-2022-32267 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software SMI handler cause SMRAM corruption (a TOCTOU attack) DMA transactions which are targeted at input buffers used for the software SMI handler used by the SmmResourceCheckDxe driver could cause SMRAM corruption through a TOCTOU attack... | 6.4 |