Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition

DATE CVE VULNERABILITY TITLE RISK
2024-09-21 CVE-2024-6787 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Moxa Mxview ONE
This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU).
network
high complexity
moxa CWE-367
5.9
2024-09-11 CVE-2024-27114 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Soplanning
A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool.
network
low complexity
soplanning CWE-367
critical
9.8
2024-08-21 CVE-2024-43882 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back.
local
high complexity
linux CWE-367
7.0
2024-08-14 CVE-2024-39425 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Adobe products
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privilege escalation.
local
high complexity
adobe CWE-367
7.0
2024-08-13 CVE-2023-20578 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in AMD products
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution.
local
high complexity
amd CWE-367
6.4
2024-08-08 CVE-2024-7348 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Postgresql
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser.
network
high complexity
postgresql CWE-367
7.5
2024-07-04 CVE-2024-39936 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in QT
An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3.
network
high complexity
qt CWE-367
5.9
2024-05-01 CVE-2024-26974 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - resolve race condition during AER recovery During the PCI AER system's error recovery process, the kernel driver may encounter a race condition with freeing the reset_data structure's memory.
local
high complexity
linux debian CWE-367
7.0
2024-03-13 CVE-2024-24692 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Zoom Rooms
Race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access.
local
high complexity
zoom CWE-367
4.7
2024-02-15 CVE-2022-23084 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Freebsd
The total size of the user-provided nmreq to nmreq_copyin() was first computed and then trusted during the copyin.
local
high complexity
freebsd CWE-367
7.5