CWE-367

Medium likelihood

Time-of-check Time-of-use (TOCTOU) Race Condition

Parent: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

649 vulnerabilities with CWE-367
CVE-2025-61037 HIGH
SevenCs ORCA G2 2.0.1.35 - Privilege Escalation
CVSS 7.0
CVE-2025-69211 HIGH
NestJS platform-fastify < 11.1.11 - Unauthenticated Middleware Bypass via Fastify URL Encoding
CVSS 7.4
CVE-2025-64645 HIGH
IBM Concert 1.0.0-2.1.0 - Privilege Escalation via Symbolic Link Race Condition
CVSS 7.7
CVE-2025-34290 HIGH
Versa SASE Client for Windows <7.9.4 - Privilege Escalation
CVE-2025-62004 HIGH
BullWall Server Intrusion Protection 4.6.0.0, 4.6.0.6, 4.6.0.7, 4.6.1.4 - Authenticated MFA Bypass via Race Condition
CVSS 7.5
CVE-2025-62003 HIGH
BullWall Server Intrusion Protection 4.6.0.0, 4.6.0.6, 4.6.0.7, 4.6.1.4 - Authenticated MFA Bypass via RDP Connection Delay
CVSS 7.5
CVE-2025-68146 MEDIUM
filelock < 3.20.1 - Time-of-Check-Time-of-Use Race Condition via Symlink Attack
CVSS 6.3
CVE-2025-62724 MEDIUM
Open OnDemand <4.0.8, <3.1.16 - Info Disclosure
CVSS 4.3
CVE-2025-58407 HIGH
Kernel or driver - Memory Corruption
CVSS 7.4
CVE-2025-31146 MEDIUM
Intel Ethernet Adapter Complete Driver Pack <1.5.1.0 - DoS
CVSS 6.1
CVE-2025-27725 MEDIUM
ACAT < 3.13 - Authenticated Denial of Service via Time-of-check Time-of-use Race Condition
CVSS 4.4
CVE-2025-13032 CRITICAL
Avast Antivirus < 25.3 - Local Privilege Escalation via Sandbox Kernel Driver Double Fetch
CVSS 9.9
CVE-2025-64457 MEDIUM
JetBrains dotTrace, ReSharper and Rider < 2025.2.5 - Local Privilege Escalation via Race Condition
CVSS 4.2
CVE-2025-64180 CRITICAL
Manager-io/Manager <25.11.1.3085 - Privilege Escalation
CVSS 10.0
CVE-2025-20740 MEDIUM
MediaTek Software Development Kit < 3.7 - Local Information Disclosure via Race Condition in WLAN STA Driver
CVSS 4.7
CVE-2025-64118 MEDIUM
tar 7.5.1 - Information Exposure via Uninitialized Memory in .list with sync: true
CVE-2025-62511 MEDIUM
YtGrabber-TUI < 1.0.1 - Time-of-Check Time-of-Use Race Condition in Config File Creation
CVSS 6.3
CVE-2025-54271 MEDIUM
Adobe Creative Cloud < 6.8.0.821 - Time-of-check Time-of-use Race Condition
CVSS 5.6
CVE-2025-59497 HIGH
Microsoft Defender for Endpoint < 101.25032.0010 - Authenticated Denial of Service via TOCTOU Race Condition
CVSS 7.0
CVE-2025-59261 HIGH
Windows 11 22H2-25H2 & Server 2022-2025 Privilege Escalation via Graphics TOCTOU
CVSS 7.0
CVE-2025-55696 HIGH
NtQueryInformation Token - Privilege Escalation
CVSS 7.8
CVE-2025-55680 HIGH
Windows Cloud Files Mini Filter Driver - Privilege Escalation
CVSS 7.8
CVE-2025-42701 MEDIUM
Falcon sensor <7.24 - Privilege Escalation
CVSS 5.6
CVE-2025-58131 MEDIUM
Zoom Workplace VDI Plugin <6.4.10 - Info Disclosure
CVSS 6.6
CVE-2025-55236 HIGH
Windows 10/11, Server 2019/2022/2025 - Local Code Execution via Graphics Kernel TOCTOU
CVSS 7.3