Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-27 | CVE-2021-34413 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Zoom Plugin for Microsoft Outlook All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process. | 7.5 |
| 2021-09-09 | CVE-2021-30290 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 7.0 |
| 2021-09-08 | CVE-2021-3054 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Paloaltonetworks Pan-Os A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. | 6.6 |
| 2021-07-22 | CVE-2021-29657 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Linux Kernel arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a756. | 7.4 |
| 2021-07-15 | CVE-2021-0289 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. | 5.3 |
| 2021-06-30 | CVE-2021-22369 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Huawei Emui and Magic UI There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Huawei Smartphone. | 8.1 |
| 2021-06-24 | CVE-2021-32708 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Flysystem is an open source file storage library for PHP. | 8.1 |
| 2021-06-09 | CVE-2020-11298 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 7.0 |
| 2021-06-09 | CVE-2020-11233 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Time-of-check time-of-use race condition While processing partition entries due to newly created buffer was read again from mmc without validation in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 7.0 |
| 2021-05-12 | CVE-2021-23892 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Mcafee Endpoint Security for Linux Threat Prevention By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitrary code through insecure use of predictable temporary file locations. | 7.0 |