Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-367

CWE-367

Medium likelihood

Time-of-check Time-of-use (TOCTOU) Race Condition

Parent: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

649 vulnerabilities with CWE-367

CVE-2022-36927 HIGH

Zoom Rooms < 5.11.3 - Local Privilege Escalation via TOCTOU Race Condition

CVE-2022-25716 MEDIUM

Qualcomm SD888 5G Firmware - Memory Corruption in Multimedia Framework

CVE-2022-32638 MEDIUM

Android - Local Privilege Escalation via Race Condition in ISP

CVE-2022-26387 HIGH

Firefox < 98 and Firefox ESR < 91.7 - Time-of-check Time-of-use Race Condition in Add-on Installation

CVE-2022-22753 HIGH

Firefox < 97.0 and Firefox ESR < 91.6 - Time-of-Check Time-of-Use Race Condition in Maintenance Service

CVE-2022-3590 MEDIUM

WordPress 4.2-6.1.1 - Unauthenticated Blind SSRF via Pingback TOCTOU Race Condition

CVE-2022-44670 HIGH

Windows SSTP - Remote Code Execution via TOCTOU Race Condition

CVE-2022-44651 HIGH

Trend Micro Apex One < 14.0.11789 - Local Privilege Escalation via TOCTOU Race Condition

CVE-2022-39908 MEDIUM

Google Android - TOCTOU Race Condition

CVE-2022-45842 MEDIUM

WP ULike WordPress Plugin <= 4.6.4 - Unauthenticated Race Condition

CVE-2022-34830 HIGH

Arm Utgard GPU Kernel Driver - Time-of-check Time-of-use Race Condition

CVE-2022-30283 HIGH

Insyde Kernel 5.0-5.4 - Time-of-check Time-of-use Race Condition in UsbCoreDxe

CVE-2022-33986 MEDIUM

Insyde Kernel 5.4-5.4.05.44.23 - TOCTOU Race Condition in VariableRuntimeDxe SMI Handler

CVE-2022-33985 HIGH

NvmExpressDxe <5.2.05.27.25-<5.3 - Memory Corruption

CVE-2022-33984 HIGH

SdMmcDevice <5.2.05.27.25-<5.3.05.36.25 - Memory Corruption

CVE-2022-33983 HIGH

NvmExpressLegacy <5.2.05.27.25 - Memory Corruption

CVE-2022-33909 HIGH

HddPassword <5.2.05.27.23-<5.3.05.36.23 - Memory Corruption

CVE-2022-33908 HIGH

SdHostDriver <5.2.05.27.25-<5.3.05.36.25 - Memory Corruption

CVE-2022-33906 MEDIUM

FwBlockServiceSmm - Memory Corruption

CVE-2022-33905 HIGH

Insyde Kernel 5.2-5.2.05.27.23 - SMRAM Corruption via AhciBusDxe DMA TOCTOU Race Condition

CVE-2022-32267 MEDIUM

Insyde Kernel 5.2-5.2.05.27.23 - SMRAM Corruption via TOCTOU Race Condition in SmmResourceCheckDxe SMI Handler

CVE-2022-31243 MEDIUM

FvbServicesRuntimeDxe - Memory Corruption

CVE-2022-30774 MEDIUM

Insyde Kernel 5.2-5.2.05.27.29 - Time-of-check Time-of-use Race Condition in PnpSmm Driver

CVE-2022-34325 HIGH

InsydeH2O 5.3-05.36.23 - TOCTOU Race Condition in StorageSecurityCommandDxe SMI Handler

CVE-2022-33982 MEDIUM

Int15ServiceSmm - Memory Corruption

Previous Page 19 of 26 Next

Details

Vulnerabilities 649

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy