Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-26 | CVE-2024-0133 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Nvidia Container Toolkit and Nvidia GPU Operator NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. | 3.4 |
| 2024-09-21 | CVE-2024-6787 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Moxa Mxview ONE This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). | 5.9 |
| 2024-09-11 | CVE-2024-27114 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Soplanning A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. | 9.8 |
| 2024-08-21 | CVE-2024-43882 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. | 7.0 |
| 2024-08-14 | CVE-2024-39425 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privilege escalation. | 7.0 |
| 2024-08-13 | CVE-2023-20578 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in AMD products A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution. | 6.4 |
| 2024-08-08 | CVE-2024-7348 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Postgresql Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. | 7.5 |
| 2024-07-30 | CVE-2024-42107 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ice: Don't process extts if PTP is disabled The ice_ptp_extts_event() function can race with ice_ptp_release() and result in a NULL pointer dereference which leads to a kernel panic. Panic occurs because the ice_ptp_extts_event() function calls ptp_clock_event() with a NULL pointer. | 4.7 |
| 2024-07-04 | CVE-2024-39936 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in QT An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. | 5.9 |
| 2024-05-21 | CVE-2021-47280 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free read in drm_getunique() There is a time-of-check-to-time-of-use error in drm_getunique() due to retrieving file_priv->master prior to locking the device's master mutex. An example can be seen in the crash report of the use-after-free error found by Syzbot: https://syzkaller.appspot.com/bug?id=148d2f1dfac64af52ffd27b661981a540724f803 In the report, the master pointer was used after being freed. | 7.0 |