CWE-367— Time-of-check Time-of-use (TOCTOU) Race Condition
597 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-367page 5 of 12
- CVE-2022-32955HIGHCVSS 7.0EG 7.02023-02-15
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the NvmExpressDxe buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of…
- CVE-2022-33214HIGHCVSS 8.4EG 7.02022-10-19
Memory corruption in display due to time-of-check time-of-use of metadata reserved size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
- CVE-2022-33257CRITICALCVSS 9.3EG 7.02023-03-10
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
- CVE-2022-33270HIGHCVSS 7.5EG 5.92023-04-13
Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.
- CVE-2022-33691MEDIUMCVSS 6.2EG 4.72022-07-12
A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations.
- CVE-2022-33905HIGHCVSS 7.0EG 7.02022-11-15
DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption (a TOCTOU attack). DMA transactions which are targeted at input buffers used for the software SMI handler used b…
- CVE-2022-33906MEDIUMCVSS 6.4EG 6.42022-11-15
DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI h…
- CVE-2022-33907MEDIUMCVSS 6.4EG 6.42022-11-14
DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack... DMA transactions which are targeted at input buffers used for the s…
- CVE-2022-33908HIGHCVSS 7.0EG 7.02022-11-15
DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handle…
- CVE-2022-33909HIGHCVSS 7.0EG 7.02022-11-15
DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler…
- CVE-2022-33982MEDIUMCVSS 6.4EG 6.42022-11-14
DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. DMA attacks on the parameter buffer used by the software SMI handler use…
- CVE-2022-33983HIGHCVSS 7.0EG 7.02022-11-15
DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI ha…
- CVE-2022-33984HIGHCVSS 7.0EG 7.02022-11-15
DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler…
- CVE-2022-33985HIGHCVSS 7.0EG 7.02022-11-15
DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handl…
- CVE-2022-33986MEDIUMCVSS 6.4EG 6.42022-11-15
DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could lead to a TOCTOU attack. DMA attacks on the parameter buffer used by the software SMI handler used by the driver VariableRuntimeDxe could lead to…
- CVE-2022-34325HIGHCVSS 7.8EG 7.82022-11-14
DMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the softwa…
- CVE-2022-34398HIGHCVSS 7.5EG 7.02023-02-01
Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execut…
- CVE-2022-34830HIGHCVSS 7.5EG 7.52022-11-23
An Arm product family through 2022-06-29 has a TOCTOU Race Condition that allows non-privileged user to make improper GPU processing operations to gain access to already freed memory.
- CVE-2022-34899HIGHCVSS 7.8EG 7.82022-07-18
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target host system in order…
- CVE-2022-3590MEDIUMCVSS 5.9EG 9.02022-12-14
WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden.
- CVE-2022-36927HIGHCVSS 8.8EG 7.82023-01-09
Zoom Rooms for macOS clients before version 5.11.3 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
- CVE-2022-36929HIGHCVSS 7.8EG 7.82023-01-09
The Zoom Rooms Installer for Windows prior to 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM us…
- CVE-2022-36980HIGHCVSS 8.1EG 8.12023-03-29
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be b…
- CVE-2022-3700MEDIUMCVSS 6.1EG 6.12023-10-27
A Time of Check Time of Use (TOCTOU) vulnerability was reported in the Lenovo Vantage SystemUpdate Plugin version 2.0.0.212 and earlier that could allow a local attacker to delete arbitrary files.
- CVE-2022-3701HIGHCVSS 7.8EG 7.82023-10-27
A privilege elevation vulnerability was reported in the Lenovo Vantage SystemUpdate plugin version 2.0.0.212 and earlier that could allow a local attacker to execute arbitrary code with elevated privileges.
- CVE-2022-3702MEDIUMCVSS 6.1EG 6.12023-10-27
A denial of service vulnerability was reported in Lenovo Vantage HardwareScan Plugin version 1.3.0.5 and earlier that could allow a local attacker to delete contents of an arbitrary directory under certain conditions.
- CVE-2022-38730MEDIUMCVSS 6.3EG 6.32023-04-27
Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the windowscontainers/start dockerBackendV2 API by controlling the data-root field inside the DaemonJSON field in the WindowsContainerStartRequest class. …
- CVE-2022-39908MEDIUMCVSS 6.9EG 7.42022-12-08
TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.
- CVE-2022-4143MEDIUMCVSS 6.4EG 6.42023-06-28
An issue has been discovered in GitLab affecting all versions starting from 15.7 before 15.8.5, from 15.9 before 15.9.4, and from 15.10 before 15.10.1 that allows for crafted, unapproved MRs to be introduced and merged without authorization
- CVE-2022-4149HIGHCVSS 7.0EG 7.02023-06-15
The Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\SYSTEM which writes log files to a writable directory (C:\Users\Public\netSkope) for a standard user. The files are created and written with a SYSTEM account except…
- CVE-2022-41744HIGHCVSS 7.0EG 7.02022-10-10
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One Vulnerability Protection integrated component could allow a local attacker to escalate privileges and turn a specific working directory into a mount point on affected in…
- CVE-2022-43777HIGHCVSS 7.8EG 7.82023-06-12
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.
- CVE-2022-43778HIGHCVSS 7.8EG 7.82023-06-12
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.
- CVE-2022-43779HIGHCVSS 7.0EG 7.02023-02-12
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. …
- CVE-2022-43946HIGHCVSS 7.5EG 8.12023-04-11
Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE-732] vulnerability and a time-of-check time-of-use (TOCTOU) race condition [CWE-367] vulnerability in Fortinet FortiClientWindows before 7.0.…
- CVE-2022-44651HIGHCVSS 7.0EG 7.02022-12-12
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability …
- CVE-2022-44670HIGHCVSS 8.1EG 8.12022-12-13
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
- CVE-2022-45809MEDIUMCVSS 5.3EG 5.32023-12-19
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Ricard Torres Thumbs Rating.This issue affects Thumbs Rating: from n/a through 5.0.0.
- CVE-2022-45842MEDIUMCVSS 5.3EG 3.72022-11-30
Unauth. Race Condition vulnerability in WP ULike Plugin <= 4.6.4 on WordPress allows attackers to increase/decrease rating scores.
- CVE-2022-47631HIGHCVSS 7.8EG 7.02023-09-14
Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service…
- CVE-2022-48191HIGHCVSS 7.0EG 7.02023-01-20
A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original…
- CVE-2022-48618HIGHCVSS 7.0EG 9.0⚠ KEV2024-01-09
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. A…
- CVE-2022-48682MEDIUMCVSS 6.0EG 6.02024-04-26
In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink.
- CVE-2023-0006MEDIUMCVSS 6.3EG 6.32023-04-12
A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition.
- CVE-2023-0778MEDIUMCVSS 6.8EG 6.82023-03-27
A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file sy…
- CVE-2023-1295HIGHCVSS 7.8EG 7.82023-06-28
A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e…
- CVE-2023-1585MEDIUMCVSS 6.5EG 6.52023-04-19
Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. The issue was fixed with Avast and AVG Antivirus version 2…
- CVE-2023-1586MEDIUMCVSS 6.5EG 6.52023-04-19
Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus version 22.11
- CVE-2023-2007HIGHCVSS 7.8EG 7.82023-04-24
The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate p…
- CVE-2023-20135MEDIUMCVSS 5.7EG 5.72023-09-13
A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to a time-of-check, time-of-use (TOC…
Map vulnerabilities like CWE-367 to your infrastructure
EchelonGraph correlates every CVE — across CWE-367 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →