Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-367

CWE-367

Medium likelihood

Time-of-check Time-of-use (TOCTOU) Race Condition

Parent: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

651 vulnerabilities with CWE-367

CVE-2019-7347 HIGH

ZoneMinder <1.32.3 - Privilege Escalation

CVE-2019-7249 CRITICAL

Keybase <2.12.6 - Privilege Escalation

CVE-2018-16872 MEDIUM

qemu < 3.1.0 - Time-of-check Time-of-use Race Condition in MTP File Handling

CVE-2018-8584 HIGH

Windows 10 and Windows Server 2016/2019 - Elevation of Privilege via ALPC

CVE-2018-6693 MEDIUM

McAfee Endpoint Security for Linux Threat Prevention <=10.5.1 - Unauthenticated Arbitrary File Deletion via TOCTOU

CVE-2018-8449 LOW

Windows 10 and Windows Server 2016 - Security Feature Bypass via Device Guard File Validation

CVE-2018-1121 LOW

procps < 3.3.15 - Process Hiding via Race Condition in /proc/PID Enumeration

CVE-2018-0966 LOW

Windows 10 and Windows Server 2016 - Device Guard Security Feature Bypass via TOCTOU Race Condition

CVE-2017-18869 LOW

chownr < 1.1.0 - Time-of-check Time-of-use Race Condition via Symlink Attack

CVE-2017-15404 HIGH

Google Chrome < 61.0.3163.113 - Local Privilege Escalation via Crash Dump Symlink Handling

CVE-2017-11830 MEDIUM

Windows - Privilege Escalation

CVE-2017-0756 HIGH

Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 - Remote Code Execution in Media Framework

CVE-2017-0331 HIGH

Android < 7.1.1 - Elevation of Privilege via NVIDIA Video Driver Race Condition

CVE-2017-0412 HIGH

Android 7.0, 7.1.1 - Privilege Escalation via Framework APIs Race Condition

CVE-2017-0411 HIGH

Android 7.0 7.1.1 - Elevation of Privilege via Framework APIs Race Condition

CVE-2015-7810 MEDIUM

libbluray < 0.8.0 - Time-of-check Time-of-use Race Condition in MountManager JAR Expansion

CVE-2015-1865 MEDIUM

coreutils 8.4 - Arbitrary File Deletion via Race Condition in fts.c

Microsoft Internet Explorer 7-11 - Privilege Escalation via TOCTOU Race Condition

CVE-2013-4235 MEDIUM

shadow - Time-of-check Time-of-use Race Condition when Copying and Removing Directory Trees

CVE-2013-3888 HIGH

Microsoft Windows 7 - TOCTOU Race Condition

CVE-2012-5630 MEDIUM

libuser 0.56-0.57 - Time-of-check Time-of-use Race Condition

CVE-2011-10035 HIGH

Nagios XI < 2011R1.9 - Privilege Escalation via Crontab Install Script Race Condition

CVE-2011-4126 HIGH

calibre - Time-of-check Time-of-use Race Condition in linux_mount_helper

CVE-2005-1111 MEDIUM

cpio <2.6 - Local Privilege Escalation

PHP 4.x-5.0.0RC3 - Remote Code Execution

Previous Page 26 of 27 Next

Details

Vulnerabilities 651

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy