Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-17 | CVE-2021-33097 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Intel Crypto API Toolkit for Intel SGX Time-of-check time-of-use vulnerability in the Crypto API Toolkit for Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via network access. | 6.0 |
| 2021-11-12 | CVE-2021-1921 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | 6.9 |
| 2021-11-02 | CVE-2021-36924 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Realtek Rtsupx USB Utility Driver RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool overflow (leading to Escalation of Privileges, Denial of Service, and Code Execution) via a crafted Device IO Control packet to a device. | 7.2 |
| 2021-10-27 | CVE-2011-4126 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Calibre-Ebook Calibre Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to anywhere. | 9.3 |
| 2021-10-06 | CVE-2021-34788 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. | 7.0 |
| 2021-09-27 | CVE-2021-34413 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Zoom Plugin for Microsoft Outlook All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process. | 6.0 |
| 2021-09-09 | CVE-2021-30290 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 4.4 |
| 2021-09-08 | CVE-2021-3054 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Paloaltonetworks Pan-Os A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. | 8.5 |
| 2021-07-22 | CVE-2021-29657 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Linux Kernel arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a756. | 7.4 |
| 2021-07-15 | CVE-2021-0289 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. | 2.9 |