Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-367

CWE-367

Medium likelihood

Time-of-check Time-of-use (TOCTOU) Race Condition

Parent: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

649 vulnerabilities with CWE-367

CVE-2021-30347 CRITICAL

Qualcomm AR8035 Firmware - Time-of-check Time-of-use Race Condition

CVE-2021-30343 CRITICAL

Qualcomm AR8035 and Multiple Firmware - Time-of-check Time-of-use Race Condition

CVE-2021-30342 CRITICAL

Qualcomm APQ8009W Firmware - Time-of-check Time-of-use Race Condition

CVE-2021-3969 HIGH

Lenovo System Interface Foundation < 1.1.20.3 - Privilege Escalation via TOCTOU Race Condition in IMController

CVE-2021-3922 HIGH

Lenovo System Interface Foundation < 1.1.20.3 - Time-of-check Time-of-use Race Condition in IMController

CVE-2021-26350 MEDIUM

AMD EPYC 7002 Series Firmware < romepi-sp3_1.0.0.d - Denial of Service via SMU Message Port Race Condition

CVE-2021-22043 HIGH

VMware ESXi - Privilege Escalation via TOCTOU Race Condition in Temporary File Handling

CVE-2021-4098 HIGH

Google Chrome < 96.0.4664.110 - Sandbox Escape via Mojo Data Validation Bypass

CVE-2021-4001 MEDIUM

Linux Kernel <5.16 rc2 - Privilege Escalation

CVE-2021-0897 MEDIUM

Google Android - Local Privilege Escalation via Missing Bounds Check in apusys

CVE-2021-42835 HIGH

Plex Media Server < 1.25.0.5282 - Local Privilege Escalation via Update Service RPC TOCTOU Race Condition

CVE-2021-33097 MEDIUM

Crypto API Toolkit - Privilege Escalation

CVE-2021-1921 HIGH

Qualcomm AQT1000 Firmware - Memory Corruption via Hypervisor Unmap Operations

CVE-2021-36924 HIGH

Realtek RtsUpx USB Utility Driver < 1.14.0.0 - Pool Overflow via Crafted Device IO Control Packet

CVE-2021-34788 HIGH

Cisco AnyConnect Secure Mobility Client < 4.10.03104 - Authenticated Shared Library Hijacking via Race Condition

CVE-2021-34413 HIGH

Zoom Plugin for Microsoft Outlook for macOS < 5.3.52553.0918 - Privilege Escalation via TOC/TOU Race Condition

CVE-2021-30290 HIGH

Qualcomm Firmware - Null Pointer Dereference via Timeline Fence Race Condition

CVE-2021-3054 HIGH

PAN-OS Authenticated RCE via Plugin Upload Race Condition

CVE-2021-29657 HIGH

Linux Kernel 5.10-5.10.28 - Use-After-Free via Nested SVM VMCB12 Double Fetch

CVE-2021-0289 MEDIUM

Juniper Junos OS TOCTOU Race Condition in ARP Policer Bypass

CVE-2021-22369 HIGH

Huawei Smartphone - Privilege Escalation

CVE-2021-32708 CRITICAL

Flysystem 1.0.0-1.1.3 - Remote Code Execution via Unicode Whitespace in File Extension

CVE-2021-1567 HIGH

Cisco AnyConnect < 4.10.01075 Authenticated DLL Hijacking via Race Condition

CVE-2021-20181 HIGH

QEMU <= 5.2.0 - Use-After-Free via 9pfs Server Race Condition

CVE-2021-23892 HIGH

McAfee Endpoint Security for Linux Threat Prevention 10.5.0-10.7.5 - Privilege Escalation via TOCTOU Race Condition

Previous Page 22 of 26 Next

Details

Vulnerabilities 649

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy