Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition

DATE CVE VULNERABILITY TITLE RISK
2023-11-08 CVE-2023-5760 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Avast AVG Antivirus 23.8
A time-of-check to time-of-use (TOCTOU) bug in handling of IOCTL (input/output control) requests.
local
high complexity
avast CWE-367
7.0
2023-11-02 CVE-2023-46725 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Foodcoopshop
FoodCoopShop is open source software for food coops and local shops.
network
high complexity
foodcoopshop CWE-367
7.5
2023-10-25 CVE-2023-38041 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Ivanti Secure Access Client 22.2/22.3/22.5
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition.
local
high complexity
ivanti CWE-367
7.0
2023-10-20 CVE-2023-34046 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare Fusion 13.0.0/13.0.1/13.0.2
VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when installing an upgrade. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed or being installed for the first time.
local
high complexity
vmware CWE-367
7.0
2023-10-11 CVE-2023-44188 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in telemetry processing of Juniper Networks Junos OS allows a network-based authenticated attacker to flood the system with multiple telemetry requests, causing the Junos Kernel Debugging Streaming Daemon (jkdsd) process to crash, leading to a Denial of Service (DoS).
network
high complexity
juniper CWE-367
5.3
2023-10-03 CVE-2023-43976 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Catonetworks Cato Client
An issue in CatoNetworks CatoClient before v.5.4.0 allows attackers to escalate privileges and winning the race condition (TOCTOU) via the PrivilegedHelperTool component.
network
high complexity
catonetworks CWE-367
8.1
2023-09-27 CVE-2023-44128 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android
he vulnerability is to delete arbitrary files in LGInstallService ("com.lge.lginstallservies") app.
local
high complexity
google CWE-367
3.6
2023-09-15 CVE-2023-3891 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Lapce 0.2.8
Race condition in Lapce v0.2.8 allows an attacker to elevate privileges on the system
local
high complexity
lapce CWE-367
7.0
2023-09-14 CVE-2022-47631 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Razer Synapse
Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management.
local
high complexity
razer CWE-367
7.8
2023-09-13 CVE-2023-20135 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Cisco IOS XR
A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to a time-of-check, time-of-use (TOCTOU) race condition when an install query regarding an ISO image is performed during an install operation that uses an ISO image.
local
high complexity
cisco CWE-367
7.0