Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition

DATE CVE VULNERABILITY TITLE RISK
2020-06-10 CVE-2020-2032 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Paloaltonetworks Globalprotect
A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges.
local
high complexity
paloaltonetworks CWE-367
7.0
2020-06-02 CVE-2020-3680 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
A race condition can occur when using the fastrpc memory mapping API.
local
high complexity
qualcomm CWE-367
7.0
2020-05-29 CVE-2020-3957 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare Fusion, Horizon Client and Remote Console
VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener.
local
high complexity
vmware CWE-367
7.0
2020-04-22 CVE-2020-8833 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity.
local
high complexity
canonical apport-project CWE-367
4.7
2020-04-02 CVE-2020-8017 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Opensuse Leap and Texlive-Filesystem
A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users in group mktex to delete arbitrary files on the system This issue affects: SUSE Linux Enterprise Module for Desktop Applications 15-SP1 texlive-filesystem versions prior to 2017.135-9.5.1.
local
high complexity
opensuse CWE-367
6.3
2020-03-25 CVE-2020-3808 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Adobe Creative Cloud
Creative Cloud Desktop Application versions 5.0 and earlier have a time-of-check to time-of-use (toctou) race condition vulnerability.
network
high complexity
adobe CWE-367
5.9
2020-03-24 CVE-2019-20610 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android
An issue was discovered on Samsung mobile devices with N(7.X) and O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets) software.
network
high complexity
google CWE-367
8.1
2020-03-15 CVE-2019-15608 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Yarnpkg Yarn
The package integrity validation in yarn < 1.19.0 contains a TOCTOU vulnerability where the hash is computed before writing a package to cache.
network
high complexity
yarnpkg CWE-367
5.9
2020-02-25 CVE-2020-8793 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.
local
high complexity
opensmtpd fedoraproject canonical CWE-367
4.7
2020-02-12 CVE-2020-8890 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Misp
An issue was discovered in MISP before 2.4.121.
network
high complexity
misp CWE-367
5.9