Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-367

CWE-367

Medium likelihood

Time-of-check Time-of-use (TOCTOU) Race Condition

Parent: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

649 vulnerabilities with CWE-367

CVE-2022-27541 HIGH

HP EliteBook 755 G4 Firmware < 1.42 - Time-of-Check Time-of-Use Race Condition

CVE-2022-27539 HIGH

HP EliteBook 755 G4 Firmware < 1.42 - Time-of-Check Time-of-Use Race Condition

CVE-2022-38730 MEDIUM

Docker Desktop for Windows <4.6 - Code Injection

CVE-2022-33270 HIGH

Qualcomm AR8035 Firmware - Denial of Service via RRC Reconfiguration Message Race Condition

CVE-2022-43946 HIGH

Fortinet FortiClientWindows <7.0.7 - RCE

CVE-2022-3093 MEDIUM

Tesla Vehicle Firmware 2022.16.0.3 - Physical Root Code Execution via ice_updater

CVE-2022-36980 HIGH

Ivanti Avalanche 6.3.2.3490-6.3.4 - Authentication Bypass via Race Condition in EnterpriseServer Service

CVE-2022-33257 CRITICAL

Qualcomm Core Firmware - Memory Corruption

CVE-2022-32477 HIGH

Insyde InsydeH2O 5.0-5.2.05.27.27 - Time-of-check Time-of-use Race Condition in FvbServicesRuntimeDxe Shared Buffer

CVE-2022-32475 HIGH

Insyde InsydeH2O 5.0-5.5 - Time-of-check Time-of-use Race Condition via VariableRuntimeDxe Shared Buffer

CVE-2022-32469 HIGH

Insyde InsydeH2O 5.0-5.5 - TOCTOU Race Condition in PnpSmm Shared Buffer

CVE-2022-32953 HIGH

Insyde InsydeH2O 5.0-5.5 - TOCTOU Race Condition in SdHostDriver Buffer

CVE-2022-32476 HIGH

Insyde InsydeH2O 5.0-5.5 - TOCTOU Race Condition in AhciBusDxe Shared Buffer

CVE-2022-32473 HIGH

Insyde InsydeH2O 5.0-5.5 - Time-of-check Time-of-use Race Condition in HddPassword Shared Buffer

CVE-2022-32470 HIGH

Insyde InsydeH2O 5.0-5.5 - TOCTOU Race Condition in FwBlockServiceSmm Shared Buffer

CVE-2022-32955 HIGH

InsydeH2O <5.6 - Privilege Escalation

CVE-2022-32954 HIGH

InsydeH2O 5.1-5.5 - Privilege Escalation

CVE-2022-32478 HIGH

Insyde InsydeH2O 5.0-5.5 - TOCTOU Race Condition in IdeBusDxe Shared Buffer

CVE-2022-32474 HIGH

Insyde InsydeH2O 5.0-5.5 - Time-of-check Time-of-use Race Condition in StorageSecurityCommandDxe Shared Buffer

CVE-2022-32471 HIGH

Insyde InsydeH2O 5.0-5.5 - Time-of-check Time-of-use Race Condition in IhisiSmm via DMA Command Buffer Manipulation

CVE-2022-43779 HIGH

HP PC <AMI UEFI - RCE/DoS/Info Disclosure

CVE-2022-27538 HIGH

HP Elite and Dragonfly Firmware - Time-of-Check Time-of-Use Race Condition

CVE-2022-34398 HIGH

Dell Alienware BIOS < 1.22.2 - Authenticated Arbitrary Code Execution via TOCTOU Race Condition

CVE-2022-48191 HIGH

Trend Micro Maximum Security 2022 17.7 - Privilege Escalation via Mount Point Race Condition

CVE-2022-36929 HIGH

Zoom Rooms < 5.12.7 - Local Privilege Escalation via Installer Race Condition

Previous Page 18 of 26 Next

Details

Vulnerabilities 649

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy