Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition

DATE CVE VULNERABILITY TITLE RISK
2019-01-09 CVE-2017-15404 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Chrome
An ability to process crash dumps under root privileges and inappropriate symlinks handling could lead to a local privilege escalation in Crash Reporting in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to perform privilege escalation via a crafted HTML page.
local
low complexity
google CWE-367
7.8
2018-11-14 CVE-2018-8584 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.
local
low complexity
microsoft CWE-367
7.8
2018-09-18 CVE-2018-6693 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Mcafee products
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier.
local
high complexity
mcafee CWE-367
5.3
2018-09-13 CVE-2018-8449 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft Windows 10 and Windows Server 2016
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
local
low complexity
microsoft CWE-367
3.3
2018-04-12 CVE-2018-0966 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft Windows 10 and Windows Server 2016
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
local
low complexity
microsoft CWE-367
3.3
2017-11-15 CVE-2017-11830 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft Windows 10, Windows Server and Windows Server 2016
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to make an unsigned file appear to be signed, due to a security feature bypass, aka "Device Guard Security Feature Bypass Vulnerability".
local
low complexity
microsoft CWE-367
5.3
2017-09-08 CVE-2017-0756 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android
A remote code execution vulnerability in the Android media framework (libstagefright).
local
low complexity
google CWE-367
7.8
2017-05-02 CVE-2017-0331 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
low complexity
google linux CWE-367
7.8
2017-02-08 CVE-2017-0412 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 7.0/7.1.0/7.1.1
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process.
local
low complexity
google CWE-367
7.8
2017-02-08 CVE-2017-0411 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 7.0/7.1.0/7.1.1
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process.
local
low complexity
google CWE-367
7.8