Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition

DATE CVE VULNERABILITY TITLE RISK
2023-05-09 CVE-2021-46792 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in AMD products
Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service.
network
high complexity
amd CWE-367
5.9
2023-05-09 CVE-2021-26356 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in AMD products
A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in S3 data corruption and information disclosure.
network
high complexity
amd CWE-367
7.4
2023-04-27 CVE-2022-38730 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Docker Desktop
Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the windowscontainers/start dockerBackendV2 API by controlling the data-root field inside the DaemonJSON field in the WindowsContainerStartRequest class.
local
high complexity
docker CWE-367
6.3
2023-04-19 CVE-2023-1585 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion.
local
high complexity
avast avg CWE-367
6.3
2023-04-19 CVE-2023-1586 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation.
local
high complexity
avast avg CWE-367
4.7
2023-04-13 CVE-2022-33270 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.
network
high complexity
qualcomm CWE-367
5.9
2023-04-12 CVE-2023-0006 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Paloaltonetworks Globalprotect
A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition.
local
high complexity
paloaltonetworks CWE-367
6.3
2023-03-29 CVE-2022-36980 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Ivanti Avalanche 6.3.2.3490/6.3.3/6.3.3.101
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490.
network
high complexity
ivanti CWE-367
8.1
2023-03-27 CVE-2023-0778 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
A Time-of-check Time-of-use (TOCTOU) flaw was found in podman.
network
high complexity
podman-project redhat CWE-367
6.8
2023-03-10 CVE-2022-33257 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
local
high complexity
qualcomm CWE-367
7.0