Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-367

CWE-367

Medium likelihood

Time-of-check Time-of-use (TOCTOU) Race Condition

Parent: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

649 vulnerabilities with CWE-367

CVE-2024-29062 HIGH

Windows 10 1507-22H2 and Windows 11 21H2-23H2 - Secure Boot Security Feature Bypass via TOCTOU Race Condition

CVE-2024-26218 HIGH

Windows Kernel - Elevation of Privilege via Time-of-check Time-of-use Race Condition

CVE-2024-1729 MEDIUM

gradio < 4.19.2 - Timing Attack via Login Function Password Comparison

CVE-2024-28183 MEDIUM

ESP-IDF - Time-of-Check Time-of-Use Race Condition in Bootloader Anti-Rollback Protection

CVE-2024-24692 MEDIUM

Zoom Rooms Client for Windows <5.17.5 - DoS

CVE-2024-0163 MEDIUM

Dell PowerEdge Server BIOS < 2.0.0 (1.8.0 for R860/R960/XE9680/XR5610) - Time-of-check Time-of-use Race Condition

CVE-2024-21433 HIGH

Windows 10 1507-22H2 - Elevation of Privilege via Print Spooler TOCTOU Race Condition

CVE-2024-27297 MEDIUM

Nix < 2.3.18 - Time-of-check Time-of-use Race Condition via Unix Domain Socket

CVE-2024-1563 HIGH

Firefox Focus < 122.0 - Unauthorized Script Execution via JavaScript URI and Timeout Race Condition

CVE-2024-21371 HIGH

Windows Kernel - Elevation of Privilege via Time-of-check Time-of-use Race Condition

CVE-2024-21362 MEDIUM

Windows Kernel - Security Feature Bypass via Time-of-check Time-of-use Race Condition

CVE-2023-31324 HIGH

AMD ROCm < 6.2.0 - Time-of-check Time-of-use Race Condition in XGMI TA Command Processing

CVE-2023-20548 HIGH

AMD Secure Processor - Memory Corruption

CVE-2023-20578 HIGH

AMD EPYC Firmware < genoapi_1.0.0.2 - Authenticated TOCTOU Race Condition in SMM

CVE-2023-33119 HIGH

VM Image <coherent - Memory Corruption

CVE-2023-32156 HIGH

Tesla Model 3 Firmware - Authenticated Arbitrary Code Execution via Firmware Update Error Handling

CVE-2023-27327 HIGH

Parallels Desktop < 18.1.1 (53328) - Local Privilege Escalation via Toolgate Race Condition

CVE-2023-27323 HIGH

Parallels Desktop < 18.1.0 (53311) - Local Privilege Escalation via Updater Service Symbolic Link

CVE-2023-32282 HIGH

Intel(R) Processors - Privilege Escalation

CVE-2023-52556 MEDIUM

OpenBSD < 7.4 - Denial of Service via pf(4) State Expiration Race Condition

CVE-2023-52478 MEDIUM

Linux Kernel < 4.14.328 - Use-After-Free via HID++ Battery Power Supply Race Condition

CVE-2023-6917 MEDIUM

Performance Co-Pilot < 6.2.0 - Local Privilege Escalation via Symlink Attack

CVE-2023-33046 HIGH

Qualcomm AR8035 Firmware - Memory Corruption in Trusted Execution Environment

CVE-2023-43741 HIGH

Buildkite Elastic CI - Privilege Escalation

CVE-2023-6803 MEDIUM

GitHub Enterprise Server 3.8.0-3.8.11 - Time-of-check Time-of-use Race Condition

Previous Page 14 of 26 Next

Details

Vulnerabilities 649

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy