Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition

DATE CVE VULNERABILITY TITLE RISK
2020-10-22 CVE-2020-9939 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apple mac OS X
This issue was addressed with improved checks.
local
high complexity
apple CWE-367
6.4
2020-10-22 CVE-2020-9921 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apple mac OS X
A memory corruption issue was addressed with improved memory handling.
local
high complexity
apple CWE-367
7.0
2020-10-20 CVE-2020-3982 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device.
network
high complexity
vmware CWE-367
7.7
2020-10-20 CVE-2020-3981 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device.
network
high complexity
vmware CWE-367
5.8
2020-10-14 CVE-2020-8332 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Lenovo products
A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution.
local
high complexity
lenovo CWE-367
6.4
2020-09-30 CVE-2020-14375 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.
local
high complexity
dpdk opensuse canonical CWE-367
7.8
2020-09-17 CVE-2020-0358 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 11.0
In SurfaceFlinger, there is a possible use after free due to a race condition.
local
high complexity
google CWE-367
6.4
2020-09-09 CVE-2020-25212 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.
local
high complexity
linux debian opensuse canonical CWE-367
7.0
2020-09-08 CVE-2020-3619 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8098, IPQ8074, Kamorta, MDM9150, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, QCA8081, QCS404, QCS605, QCS610, QM215, Rennell, SA415M, SC7180, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130
local
high complexity
qualcomm CWE-367
7.0
2020-09-08 CVE-2019-14119 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
u'While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDM670, SDM710, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
local
high complexity
qualcomm CWE-367
7.0