CWE-367

Total CVEs: 175
Critical: 16
High: 120
Avg CVSS: 7.2
In CISA KEV: 1

Yearly Trend

2026: 19
2025: 62
2024: 40
2023: 32
2022: 11

Top Affected Vendors

1. Microsoft (28)
2. Qualcomm (17)
3. Linux (13)
4. Insyde (7)
5. Debian (6)
6. HP (5)
7. Adobe (4)
8. Dell (4)
9. AMD (4)
10. NetApp (3)

All CWE-367 CVEs (175)

CVE-2025-59497
7.0

A time-of-check time-of-use race condition vulnerability in Microsoft Defender for Linux allows a local authenticated attacker to cause a denial of se...

Oct 14, 2025

CVE-2025-59261
7.0

A Time-of-Check Time-of-Use (TOCTOU) race condition vulnerability in Microsoft Graphics Component allows authenticated attackers to elevate privileges...

Oct 14, 2025

CVE-2025-54093
7.0

A Time-of-Check Time-of-Use (TOCTOU) race condition vulnerability in Windows TCP/IP stack allows authenticated local attackers to elevate privileges b...

Sep 9, 2025

CVE-2025-50158
7.0

A time-of-check time-of-use race condition vulnerability in Windows NTFS allows local attackers to read unauthorized files or memory contents. This af...

Aug 12, 2025

CVE-2025-23279
7.0

A race condition vulnerability in NVIDIA .run installers for Linux and Solaris allows local attackers to escalate privileges. This affects systems whe...

Aug 2, 2025

CVE-2025-24036
7.0

This vulnerability in Microsoft AutoUpdate (MAU) allows attackers to gain elevated privileges on affected systems. It affects macOS devices running Mi...

Feb 11, 2025

CVE-2024-50234
7.0

A race condition vulnerability in the Linux kernel's iwlegacy WiFi driver allows stale interrupts to trigger during system resume from hibernation, ca...

Nov 9, 2024

CVE-2024-50592
7.0

This CVE describes a local privilege escalation vulnerability in Elefant Update Service where an attacker with local access can exploit a race conditi...

Nov 8, 2024

CVE-2024-39425
7.0

This CVE describes a Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Adobe Acrobat Reader that could allow local attackers to escal...

Aug 14, 2024

CVE-2024-39420
7.0

This CVE describes a Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Adobe Acrobat Reader that could allow arbitrary code execution...

Aug 14, 2024

CVE-2024-35265
7.0

This vulnerability allows an authenticated attacker to elevate privileges on Windows systems by exploiting the Windows Perception Service. It affects ...

Jun 11, 2024

CVE-2021-47280
7.0

This CVE describes a use-after-free vulnerability in the Linux kernel's Direct Rendering Manager (DRM) subsystem. Attackers could potentially exploit ...

May 21, 2024

CVE-2024-26974
7.0

This CVE describes a use-after-free vulnerability in the Linux kernel's Intel QAT crypto driver during PCI AER error recovery. A race condition occurs...

May 1, 2024

CVE-2021-33632
7.0

This CVE describes a Time-of-Check Time-of-Use (TOCTOU) race condition vulnerability in openEuler iSulad container runtime. It allows attackers to exp...

Mar 25, 2024

CVE-2024-21433
7.0

This vulnerability allows attackers to elevate privileges on Windows systems by exploiting the Print Spooler service. Attackers could gain SYSTEM-leve...

Mar 12, 2024

CVE-2022-48618
7.0

This vulnerability allows an attacker with arbitrary read/write capability to bypass Pointer Authentication security mechanisms on Apple devices. It a...

Jan 9, 2024

CVE-2023-38041
7.0

CVE-2023-38041 is a privilege escalation vulnerability in Ivanti software where authenticated users can exploit a Time-of-Check to Time-of-Use (TOCTOU...

Oct 25, 2023

CVE-2023-27470
7.0

This vulnerability in N-able Take Control Agent allows attackers to delete arbitrary files through a time-of-check to time-of-use (TOCTOU) race condit...

Sep 11, 2023

CVE-2023-35378
7.0

This vulnerability in Windows Projected File System allows attackers to elevate privileges on affected systems. It enables local authenticated users t...

Aug 8, 2023

CVE-2023-26299
7.0

A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in AMI UEFI Firmware on certain HP PC products could allow attackers to execute arbitrary code d...

Jun 30, 2023

CVE-2023-32554
7.0

This CVE describes a Time-of-Check Time-of-Use (TOCTOU) vulnerability in Trend Micro Apex One and Apex One as a Service agents that allows local attac...

Jun 26, 2023

CVE-2022-4149
7.0

This vulnerability allows a local unprivileged Windows user to exploit a race condition in the Netskope client service to gain SYSTEM-level privileges...

Jun 15, 2023

CVE-2022-31641
7.0

This CVE describes vulnerabilities in the system BIOS of certain HP PC products that could allow attackers to execute arbitrary code, escalate privile...

Jun 14, 2023

CVE-2023-24861
7.0

CVE-2023-24861 is a privilege escalation vulnerability in the Windows Graphics Component that allows authenticated attackers to gain SYSTEM-level priv...

Mar 14, 2023

CVE-2022-32477
7.0

This vulnerability in Insyde InsydeH2O firmware allows DMA attacks on a shared buffer between SMM and non-SMM code, creating a TOCTOU race condition. ...

Feb 15, 2023

CVE-2022-32469
7.0

This vulnerability in Insyde InsydeH2O firmware allows DMA attacks on the PnpSmm shared buffer, creating TOCTOU race conditions that can corrupt SMRAM...

Feb 15, 2023

CVE-2022-32473
7.0

This vulnerability in Insyde InsydeH2O firmware allows DMA attacks on the HddPassword shared buffer, creating TOCTOU race conditions that can corrupt ...

Feb 15, 2023

CVE-2022-32953
7.0

This vulnerability in Insyde InsydeH2O firmware allows DMA attacks on the SdHostDriver buffer, creating TOCTOU race conditions that can corrupt SMRAM ...

Feb 15, 2023

CVE-2022-32471
7.0

This vulnerability in InsydeH2O firmware allows attackers with local access to potentially escalate privileges or corrupt data by exploiting a time-of...

Feb 15, 2023

CVE-2022-32478
7.0

This vulnerability in Insyde InsydeH2O firmware allows DMA attacks on a shared buffer between SMM and non-SMM code, creating a TOCTOU race condition. ...

Feb 15, 2023

CVE-2022-32955
7.0

This vulnerability in Insyde InsydeH2O firmware allows DMA attacks on the NvmExpressDxe buffer, creating TOCTOU race conditions that can corrupt SMRAM...

Feb 15, 2023

CVE-2022-43779
7.0

A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in AMI UEFI Firmware used in certain HP PC products could allow attackers to execute arbitrary c...

Feb 12, 2023

CVE-2022-1537
7.0

CVE-2022-1537 is a Time-of-Check Time-of-Use (TOCTOU) race condition vulnerability in GruntJS's file.copy operations that allows arbitrary file writes...

May 10, 2022

CVE-2022-23181
7.0

This CVE describes a time-of-check-time-of-use (TOCTOU) vulnerability in Apache Tomcat that allows local attackers to escalate privileges. The vulnera...

Jan 27, 2022

CVE-2021-34788
7.0

This vulnerability allows authenticated local attackers to execute arbitrary code with root privileges on Linux and Mac OS systems running Cisco AnyCo...

Oct 6, 2021

CVE-2021-1567
7.0

This vulnerability allows an authenticated local attacker to perform DLL hijacking through a race condition in Cisco AnyConnect's signature verificati...

Jun 16, 2021

CVE-2025-48818
6.8

A Time-of-Check Time-of-Use (TOCTOU) race condition vulnerability in Windows BitLocker allows an attacker with physical access to bypass security feat...

Jul 8, 2025

CVE-2024-39826
6.8

A race condition vulnerability in Zoom Workplace Team Chat for Windows allows authenticated users to potentially access sensitive information through ...

Jul 15, 2024

CVE-2025-13818
6.7

This vulnerability allows local attackers to escalate privileges by exploiting insecure temporary batch file execution in ESET Management Agent. Attac...

Feb 6, 2026

CVE-2025-47344
6.7

This CVE describes a memory corruption vulnerability in Qualcomm sensor utility operations that could allow attackers to execute arbitrary code or cau...

Jan 7, 2026

CVE-2025-47332
6.7

This vulnerability involves memory corruption when processing configuration calls from userspace in Qualcomm components, potentially allowing local at...

Jan 7, 2026

CVE-2024-53016
6.6

This vulnerability allows memory corruption in Qualcomm camera drivers when processing I2C settings. Attackers could potentially execute arbitrary cod...

Jun 3, 2025

CVE-2024-53018
6.6

This vulnerability involves memory corruption in the OIS packet parser, which could allow an attacker to execute arbitrary code or cause denial of ser...

Jun 3, 2025

CVE-2025-3599
6.5

This CVE describes an Elevation of Privilege vulnerability in Symantec Endpoint Protection Windows Agent's ERASER Engine that allows attackers to dele...

Apr 30, 2025

CVE-2024-51563
6.5

This CVE describes a time-of-check to time-of-use (TOCTOU) race condition in the virtio_vq_recordon function in bhyve's virtual I/O implementation. It...

Nov 12, 2024

CVE-2026-27127
6.3

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Craft CMS's GraphQL Asset mutation that allows DNS rebinding attacks. Attacke...

Feb 24, 2026

CVE-2025-62511
6.3

This vulnerability allows local attackers with write access to the application's configuration directory to exploit a TOCTOU race condition during con...

Oct 17, 2025

CVE-2025-31146
6.1

A time-of-check time-of-use race condition vulnerability in Intel Ethernet Adapter Complete Driver Pack software before version 1.5.1.0 allows unprivi...

Nov 11, 2025

CVE-2025-44002
6.1

A race condition vulnerability in TeamViewer's directory validation logic allows local non-admin users to create arbitrary files with SYSTEM privilege...

Aug 26, 2025

CVE-2025-49558
5.9

This CVE describes a Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Adobe Commerce that allows attackers to bypass security featur...

Aug 12, 2025

About CWE-367

Our database tracks 175 CVEs classified as CWE-367, with 16 rated critical and 120 rated high severity. The average CVSS score for CWE-367 vulnerabilities is 7.2.

External reference: CWE-367 on MITRE CWE
