Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-367

CWE-367

Medium likelihood

Time-of-check Time-of-use (TOCTOU) Race Condition

Parent: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

649 vulnerabilities with CWE-367

CVE-2024-6601 MEDIUM

Firefox < 128 and Thunderbird < 128 - Race Condition Leading to Cross-Origin Permission Escalation

CVE-2024-39936 HIGH

Qt < 5.15.18 - Time-of-check Time-of-use Race Condition in HTTP2 Connection Handling

CVE-2024-39894 HIGH

OpenSSH 9.5-9.7 - Time-of-check Time-of-use Race Condition in ObscureKeystrokeTiming

CVE-2024-0171 MEDIUM

Dell PowerEdge Server BIOS < 1.8.3 - Time-of-check Time-of-use Race Condition

CVE-2024-5558 MEDIUM

Schneider Electric SpaceLogic AS-B and AS-P Firmware < 6.0.1 - Privilege Escalation via TOCTOU Race Condition

CVE-2024-35265 HIGH

Windows Perception Service - Elevation of Privilege via Time-of-check Time-of-use Race Condition

CVE-2024-30099 HIGH

Windows Kernel - Privilege Escalation

CVE-2024-30088 HIGH KEV

Windows Kernel - Privilege Escalation

CVE-2024-30084 HIGH

Windows Kernel-Mode Driver - Privilege Escalation

CVE-2024-36304 HIGH

Trend Micro Apex One/Apex One as a Service - Privilege Escalation

CVE-2024-3292 HIGH

Nessus <unknown> - Privilege Escalation

CVE-2024-3290 HIGH

Nessus < 10.7.3 - Authenticated Time-of-check Time-of-use Race Condition

CVE-2024-21792 MEDIUM

Intel(R) Neural Compressor <2.5.0 - Info Disclosure

CVE-2024-28137 HIGH

CHARX SEC-3000/3050/3100/3150 Firmware < 1.5.1 - Local Privilege Escalation via Init Script TOCTOU

CVE-2024-29149 HIGH

Alcatel-Lucent ALE NOE deskphones <86x8_NOE-R300.1.40.12.4180 - Pri...

CVE-2024-2913 MEDIUM

mintplex-labs/anything-llm - Info Disclosure

CVE-2024-34528 HIGH

WordOps < 3.21.0 - Time-of-check Time-of-use Race Condition in Stack Pref Plugin

CVE-2024-26974 HIGH

Linux kernel - crypto: qat - Use After Free

CVE-2024-23463 HIGH

Zscaler Client Connector <4.2.1 - Auth Bypass

CVE-2024-32482 LOW

Tillitis TKey signer device <1.0.0 - Info Disclosure

CVE-2024-2440 MEDIUM

GitHub Enterprise Server <3.13 - Privilege Escalation

CVE-2024-24995 HIGH

Ivanti Avalanche <6.4.3 - Privilege Escalation

CVE-2024-24993 HIGH

Ivanti Avalanche <6.4.3 - Privilege Escalation

CVE-2024-28718 CRITICAL

OpenStack Magnum - Remote Code Execution via cert_manager.py TOCTOU Race Condition

CVE-2024-29066 HIGH

Windows Server 2008/2012/2016/2019/2022 RCE via DFS TOCTOU Race Condition

Previous Page 13 of 26 Next

Details

Vulnerabilities 649

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy