CWE-367

Medium likelihood

Time-of-check Time-of-use (TOCTOU) Race Condition

Parent: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

649 vulnerabilities with CWE-367
CVE-2023-21537 HIGH
Microsoft MSMQ - Privilege Escalation
CVSS 7.8
CVE-2022-23826 LOW
Amd Ryzen™ 3000 Series Mobile Processors With Radeon™ Graphics - Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2022-26522 HIGH
Avast/AVG Anti Rootkit Driver <22.1 - Memory Corruption
CVSS 7.8
CVE-2022-27540 HIGH
HP EliteBook 836 G5 Firmware - Time-of-check Time-of-use Race Condition
CVSS 7.8
CVE-2022-48682 MEDIUM
FDUPES <2.2.0 - Privilege Escalation
CVSS 6.0
CVE-2022-23084 HIGH
FreeBSD 12.0-12.2 - Kernel Memory Corruption via netmap nmreq_copyin TOCTOU
CVSS 7.5
CVE-2022-48618 HIGH KEV
iPadOS < 16.2 - Time-of-check Time-of-use Race Condition
CVSS 7.0
CVE-2022-45809 MEDIUM
Thumbs Rating < 5.0.0 - Time-of-check Time-of-use Race Condition
CVSS 5.3
CVE-2022-24351 MEDIUM
InsydeH2O <05.27.29-05.52.13 - Memory Corruption
CVSS 4.7
CVE-2022-3702 MEDIUM
Lenovo HardwareScan Plugin < 1.3.1.2 - Denial of Service via Arbitrary Directory Deletion
CVSS 6.1
CVE-2022-3701 HIGH
Lenovo System Update Plugin < 2.0.0.213 - Privilege Escalation via TOCTOU Race Condition
CVSS 7.8
CVE-2022-3700 MEDIUM
Lenovo System Update Plugin < 2.0.0.213 - Time-of-check Time-of-use Race Condition
CVSS 6.1
CVE-2022-47631 HIGH
Razer Synapse < 3.8.0428.042117 - Privilege Escalation via DLL Hijacking Race Condition
CVSS 7.8
CVE-2022-4143 MEDIUM
GitLab 15.7-15.8.4, 15.9-15.9.3, 15.10 - Unauthenticated Time-of-check Time-of-use Race Condition
CVSS 6.4
CVE-2022-4149 HIGH
Netskope < 100 - Time-of-check Time-of-use Race Condition via Log File Recreation
CVSS 7.0
CVE-2022-31642 HIGH
HP PC Products - RCE, Privilege Escalation, DoS, Info Disclosure
CVSS 7.0
CVE-2022-31641 HIGH
HP PC Products - RCE, Privilege Escalation, DoS, Info Disclosure
CVSS 7.0
CVE-2022-31640 HIGH
HP PC Products - RCE, Privilege Escalation, DoS, Info Disclosure
CVSS 7.0
CVE-2022-31639 HIGH
HP EliteBook 745 G4 Firmware < 1.42 - Time-of-check Time-of-use Race Condition
CVSS 7.8
CVE-2022-31638 HIGH
HP EliteBook 850 G3 Firmware < 1.43 - Time-of-check Time-of-use Race Condition
CVSS 7.8
CVE-2022-31637 HIGH
HP ZBook 14u G4 Firmware - Time-of-check Time-of-use Race Condition
CVSS 7.8
CVE-2022-31636 HIGH
HP ZCentral 4R Workstation Firmware < 1.24 - Time-of-check Time-of-use Race Condition
CVSS 7.8
CVE-2022-31635 HIGH
HP ZCentral 4R Workstation Firmware < 1.24 - Time-of-check Time-of-use Race Condition
CVSS 7.8
CVE-2022-43778 HIGH
HP EliteBook 840 G3 Firmware - Time-of-check Time-of-use Race Condition
CVSS 7.8
CVE-2022-43777 HIGH
HP Z640 Workstation Firmware - Time-of-check Time-of-use Race Condition
CVSS 7.8
Details
Vulnerabilities 649
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits