Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-08 | CVE-2019-14119 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products u'While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDM670, SDM710, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 7.0 |
| 2020-08-11 | CVE-2020-0238 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android In updatePreferenceIntents of AccountTypePreferenceLoader, there is a possible confused deputy attack due to a race condition. | 7.0 |
| 2020-08-06 | CVE-2020-15702 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Canonical Apport TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. | 7.0 |
| 2020-08-06 | CVE-2020-7460 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Freebsd 11.3/11.4/12.1 In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace program to modify control message headers after they were validation. | 7.0 |
| 2020-07-15 | CVE-2020-14677 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 7.5 |
| 2020-07-15 | CVE-2020-14675 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 7.5 |
| 2020-07-15 | CVE-2020-14674 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 7.5 |
| 2020-06-18 | CVE-2020-13882 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. | 4.2 |
| 2020-06-16 | CVE-2020-13162 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Pulsesecure products A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges. | 7.0 |
| 2020-06-15 | CVE-2017-18869 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Chownr Project Chownr A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks. | 2.5 |