Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition

DATE CVE VULNERABILITY TITLE RISK
2020-08-11 CVE-2020-0238 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android
In updatePreferenceIntents of AccountTypePreferenceLoader, there is a possible confused deputy attack due to a race condition.
local
high complexity
google CWE-367
7.0
2020-08-06 CVE-2020-15702 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Canonical Apport
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code.
local
high complexity
canonical CWE-367
7.0
2020-08-06 CVE-2020-7460 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Freebsd 11.3/11.4/12.1
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace program to modify control message headers after they were validation.
local
high complexity
freebsd CWE-367
7.0
2020-07-15 CVE-2020-14677 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
high complexity
oracle opensuse CWE-367
7.5
2020-07-15 CVE-2020-14675 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
high complexity
oracle opensuse CWE-367
7.5
2020-07-15 CVE-2020-14674 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
high complexity
oracle opensuse CWE-367
7.5
2020-06-18 CVE-2020-13882 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition.
local
high complexity
cisofy fedoraproject CWE-367
4.2
2020-06-16 CVE-2020-13162 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Pulsesecure products
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges.
local
high complexity
pulsesecure CWE-367
7.0
2020-06-15 CVE-2017-18869 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Chownr Project Chownr
A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks.
local
high complexity
chownr-project CWE-367
2.5
2020-06-11 CVE-2020-0204 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 10.0
In InstallPackage of package.cpp, there is a possible bypass of a signature check due to a Time of Check/Time of Use condition.
local
high complexity
google CWE-367
7.0