Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition

DATE CVE VULNERABILITY TITLE RISK
2022-01-21 CVE-2021-4001 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Linux Kernel
A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c.
local
high complexity
linux CWE-367
4.1
2022-01-04 CVE-2022-20013 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 10.0/11.0
In vow driver, there is a possible memory corruption due to a race condition.
local
high complexity
google CWE-367
6.4
2021-12-17 CVE-2021-0897 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 10.0/11.0/12.0
In apusys, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-367
6.7
2021-12-08 CVE-2021-42835 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Plex Media Server
An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee.
local
high complexity
plex CWE-367
7.0
2021-11-17 CVE-2021-33097 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Intel Crypto API Toolkit for Intel SGX 2.0
Time-of-check time-of-use vulnerability in the Crypto API Toolkit for Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via network access.
network
high complexity
intel CWE-367
6.6
2021-11-12 CVE-2021-1921 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
local
high complexity
qualcomm CWE-367
7.0
2021-11-02 CVE-2021-36924 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Realtek Rtsupx USB Utility Driver 1.14.0.0
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool overflow (leading to Escalation of Privileges, Denial of Service, and Code Execution) via a crafted Device IO Control packet to a device.
local
low complexity
realtek CWE-367
7.8
2021-10-06 CVE-2021-34788 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Cisco Anyconnect Secure Mobility Client
A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client.
local
high complexity
cisco CWE-367
7.0
2021-09-27 CVE-2021-34413 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Zoom Plugin for Microsoft Outlook
All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process.
network
high complexity
zoom CWE-367
7.5
2021-09-09 CVE-2021-30290 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
high complexity
qualcomm CWE-367
7.0