Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-367

CWE-367

Medium likelihood

Time-of-check Time-of-use (TOCTOU) Race Condition

Parent: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

649 vulnerabilities with CWE-367

CVE-2023-26438 MEDIUM

Open-Xchange App Suite - JDK DNS Cache Server-Side Request Forgery

CVE-2023-33832 MEDIUM

IBM Spectrum Protect <8.1.17.0 - DoS

CVE-2023-35311 HIGH KEV

Microsoft 365 Apps and Outlook - Security Feature Bypass via TOCTOU Race Condition

CVE-2023-33156 MEDIUM

Microsoft Defender - Privilege Escalation

CVE-2023-33154 HIGH

Windows Partition Management - Privilege Escalation

CVE-2023-26299 HIGH

HP 260 G4 Desktop Mini Firmware < 2.14 - Time-of-Check Time-of-Use Race Condition

CVE-2023-1295 HIGH

Linux Kernel 5.6-5.11 - Privilege Escalation via io_uring IORING_OP_CLOSE TOCTOU

CVE-2023-32555 HIGH

Trend Micro Apex One < 14.0.12105 - Local Privilege Escalation via TOCTOU Race Condition

CVE-2023-32554 HIGH

Trend Micro Apex One < 14.0.12105 - Time-of-Check Time-of-Use Race Condition

CVE-2023-29337 HIGH

NuGet Client - Remote Code Execution via TOCTOU Race Condition

CVE-2023-25394 HIGH

Videostream 0.5.0 and 0.4.3 - Time-of-check Time-of-use Race Condition in Updater Script

CVE-2023-2007 HIGH

Linux Kernel < 6.0 - Time-of-check Time-of-use Race Condition in DPT I2O Controller Driver

CVE-2023-1586 MEDIUM

Avast <22.11 - Privilege Escalation

CVE-2023-1585 MEDIUM

Avast & AVG Antivirus <22.11 - TOCTOU

CVE-2023-0006 MEDIUM

Palo Alto Networks GlobalProtect < - Privilege Escalation

CVE-2023-0778 MEDIUM

Podman < 4.4.2 - Time-of-check Time-of-use Race Condition via Volume Export

CVE-2023-22883 HIGH

Zoom Meetings < 5.13.5 - Local Privilege Escalation via Installation Process Race Condition

CVE-2023-24861 HIGH

Windows Graphics Component - Privilege Escalation

CVE-2023-23389 MEDIUM

Microsoft Malware Protection Engine - Elevation of Privilege via TOCTOU Race Condition

CVE-2023-20623 MEDIUM

Android - Local Privilege Escalation via Improper Locking in ion

CVE-2023-20620 MEDIUM

Android - Local Privilege Escalation via ADSP Logic Error

CVE-2023-23520 MEDIUM

iPadOS < 16.3 - Arbitrary File Read as Root via Race Condition

CVE-2023-22397 MEDIUM

Juniper Networks Junos OS Evolved PTX10003 - Memory Corruption

CVE-2023-20523 MEDIUM

AMD EPYC 7002 Series Firmware - Time-of-check Time-of-use Race Condition in ASP

CVE-2023-21555 HIGH

Windows L2TP - Remote Code Execution via Time-of-check Time-of-use Race Condition

Previous Page 16 of 26 Next

Details

Vulnerabilities 649

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy