Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-11 | CVE-2023-35311 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft 365 Apps, Office and Outlook Microsoft Outlook Security Feature Bypass Vulnerability | 7.5 |
| 2023-06-30 | CVE-2023-26299 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in HP products A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. | 7.0 |
| 2023-06-28 | CVE-2022-4143 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 15.7 before 15.8.5, from 15.9 before 15.9.4, and from 15.10 before 15.10.1 that allows for crafted, unapproved MRs to be introduced and merged without authorization | 5.3 |
| 2023-06-28 | CVE-2023-1295 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. | 7.0 |
| 2023-06-26 | CVE-2023-32554 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Trendmicro Apex ONE A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32555. | 7.0 |
| 2023-06-26 | CVE-2023-32555 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Trendmicro Apex ONE A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32554. | 7.0 |
| 2023-06-15 | CVE-2022-4149 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Netskope The Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\SYSTEM which writes log files to a writable directory (C:\Users\Public\netSkope) for a standard user. | 7.0 |
| 2023-06-14 | CVE-2022-31640 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in HP products Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | 7.0 |
| 2023-06-14 | CVE-2022-31641 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in HP products Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | 7.0 |
| 2023-06-14 | CVE-2022-31642 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in HP products Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | 7.0 |