Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-367

CWE-367

Medium likelihood

Time-of-check Time-of-use (TOCTOU) Race Condition

Parent: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

649 vulnerabilities with CWE-367

CVE-2025-48001 MEDIUM

Windows BitLocker Security Feature Bypass via TOCTOU Race Condition

CVE-2025-38217 MEDIUM

Linux Kernel 6.3-6.6.94, 6.7-6.12.34, 6.13-6.15.3 - Time-of-check Time-of-use Race Condition in fts_read()

CVE-2025-38112 MEDIUM

Linux Kernel - Time-of-check Time-of-use Race Condition in sk_is_readable()

CVE-2025-46415 LOW

Nix/Lix/Guix <2.24.15/2.26.4/2.28.4/2.29.1 - Info Disclosure

CVE-2025-6217 LOW

PEAK-System Driver - Info Disclosure

CVE-2025-3464 HIGH

ASUS Armoury Crate 5.9.9.0-6.1.18 - Authentication Bypass via TOCTOU Race Condition

CVE-2025-21485 HIGH

Qualcomm FastConnect 6900 Firmware - Memory Corruption via FastRPC INIT and Multimode Invoke IOCTL

CVE-2025-46805 MEDIUM

Screen <5.0.0 - Privilege Escalation

CVE-2025-34027 CRITICAL

Versa Concerto 12.1.2-12.2.0 - RCE via Traefik Auth Bypass and TOCTOU Race

CVE-2025-47290 MEDIUM

containerd 2.1.0 - Time-of-check Time-of-use Race Condition during Image Unpacking

CVE-2025-30663 HIGH

Zoom Workplace Apps < 6.4.0 - Authenticated Privilege Escalation via TOCTOU Race Condition

CVE-2025-20082 HIGH

Intel(R) Server D50DNP/M50FCP - Privilege Escalation

CVE-2025-29969 HIGH

Windows Fundamentals - Code Injection

CVE-2025-29833 HIGH

Windows Virtual Machine Bus - Code Injection

CVE-2025-46336 MEDIUM

Rack::Session <2.1.1 - Privilege Escalation

CVE-2025-30101 MEDIUM

Dell PowerScale OneFS <9.10.1.0 - DoS

CVE-2025-32441 MEDIUM

Rack < 2.2.14 - Unauthenticated Session Restoration via Race Condition in Rack::Session::Pool

CVE-2025-3599 MEDIUM

Symantec Eraser Engine < 119.1.7.8 - Elevation of Privilege via TOCTOU Race Condition

CVE-2025-46328 LOW

Snowflake-Connector-NodeJS <2.0.4 - Privilege Escalation

CVE-2025-46327 LOW

gosnowflake <1.13.3 - Info Disclosure

CVE-2025-46326 LOW

Snowflake Connector <4.4.1 - Info Disclosure

CVE-2025-22060 MEDIUM

Linux Kernel 3.17-6.14.1 - TCAM/SRAM Time-of-check Time-of-use Race Condition

CVE-2025-32784 HIGH

conda-forge-webservices <2025.4.10 - TOCTOU

CVE-2025-27812 HIGH

MSI Center <2.0.52.0 - Privilege Escalation

CVE-2025-21191 HIGH

Windows 10 1507-24H2 and Windows Server 2008 - Privilege Escalation via LSA TOCTOU Race Condition

Previous Page 9 of 26 Next

Details

Vulnerabilities 649

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy