Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition

DATE CVE VULNERABILITY TITLE RISK
2021-09-08 CVE-2021-3054 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Paloaltonetworks Pan-Os
A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges.
network
high complexity
paloaltonetworks CWE-367
6.6
2021-07-22 CVE-2021-29657 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Linux Kernel
arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a756.
local
high complexity
linux CWE-367
7.4
2021-07-15 CVE-2021-0289 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos
When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer.
high complexity
juniper CWE-367
5.3
2021-06-30 CVE-2021-22369 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Huawei Emui and Magic UI
There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Huawei Smartphone.
network
high complexity
huawei CWE-367
8.1
2021-06-24 CVE-2021-32708 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
Flysystem is an open source file storage library for PHP.
network
high complexity
thephpleague fedoraproject CWE-367
8.1
2021-06-09 CVE-2020-11298 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
high complexity
qualcomm CWE-367
7.0
2021-06-09 CVE-2020-11233 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Time-of-check time-of-use race condition While processing partition entries due to newly created buffer was read again from mmc without validation in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
high complexity
qualcomm CWE-367
7.0
2021-05-12 CVE-2021-23892 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Mcafee Endpoint Security for Linux Threat Prevention
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitrary code through insecure use of predictable temporary file locations.
local
high complexity
mcafee CWE-367
7.0
2021-04-30 CVE-2021-21539 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Dell Idrac9 Firmware
Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a Time-of-check Time-of-use (TOCTOU) race condition vulnerability.
network
high complexity
dell CWE-367
7.1
2021-03-17 CVE-2020-11230 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in the buffer as it exposes a physical address to user land in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
high complexity
qualcomm CWE-367
6.4