609 matches found
SUSE-SU-2026:1744-1 Security update for python-pytest
This update for python-pytest fixes the following issue - CVE-2025-71176: a TOCTOU race condition can cause a denial of service or possibly gain privileges bsc1257090...
SUSE-SU-2026:21568-1 Security update for python-pytest
This update for python-pytest fixes the following issue: - CVE-2025-71176: a TOCTOU race condition can cause a denial of service or possibly gain privileges bsc1257090...
Security update for sed
This update for sed fixes the following issue: CVE-2026-5958: a TOCTOU race can allow to read attacker-controlled content and write it to an unintended file bsc1262144. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE-SU-2026:1699-1 Security update for sed
This update for sed fixes the following issue: - CVE-2026-5958: a TOCTOU race can allow to read attacker-controlled content and write it to an unintended file bsc1262144...
libcap security update
An update is available for libcap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Libcap is a library for getting and setting POSIX.1e formerly POSIX 6 draft 15...
Oracle Linux 8 : libcap (ELSA-2026-13285)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13285 advisory. 2.48-6.1 - Fix TOCTOU race condition in capsetfile CVE-2026-4878 Resolves: RHEL-169304 Tenable has extracted the preceding description block directly from the...
CVE-2026-34596 Sandboxie-Plus local privilege escalation via TOCTOU race condition in UpdUtil addon installation
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a Time-of-Check-to-Time-of-Use TOCTOU race condition exists during addon installation. When a user installs an addon through the SandMan interface, UpdUtil.exe is spawned as SYSTEM by...
CVE-2026-43529 OpenClaw < 2026.4.10 - Time-of-Check-Time-of-Use (TOCTOU) Race Condition in exec Script Preflight Validator
OpenClaw before 2026.4.10 contains a time-of-check-time-of-use vulnerability in the validateScriptFileForShellBleed function that allows local attackers to bypass workspace boundary checks. An attacker with workspace write access can race-condition swap the target file between validation and...
CLSA-2026-1777941808 libcap: Fix of CVE-2026-4878
CVE-2026-4878: fix TOCTOU race in capsetfile by performing xattr writes via an ONOFOLLOW file descriptor instead of the user-supplied path...
Sandboxie Plus 安全漏洞
Sandboxie Plus is an open-source Windows sandboxing tool developed by Sandboxie Plus. Versions of Sandboxie Plus prior to 1.17.2 contained a security vulnerability, which was caused by a TOCTOU race condition during the plugin installation process. This vulnerability could allow non-privileged...
libcap security update
2.48-6.1 - Fix TOCTOU race condition in capsetfile CVE-2026-4878 Resolves: RHEL-169304...
Time-of-check Time-of-use (TOCTOU) Race Condition
Overview prefect is a Prefect is a new workflow management system, designed for modern infrastructure and powered by the open-source Prefect Core workflow engine. Users organize Tasks into Flows, and Prefect takes care of the rest. Affected versions of this package are vulnerable to Time-of-check...
Important: Red Hat Security Advisory: libcap security update
An update for libcap is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
RHEL 8 : libcap (RHSA-2026:13285)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:13285 advisory. Libcap is a library for getting and setting POSIX.1e formerly POSIX 6 draft 15 capabilities. Security Fixes: libcap: libcap: Privilege escalation vi...
MiracleLinux 9 : libcap-2.48-10.el9_7.1 (AXSA:2026-540:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-540:01 advisory. libcap: libcap: Privilege escalation via TOCTOU race condition in capsetfile CVE-2026-4878 Tenable has extracted the preceding description block directly from...
AlmaLinux 8 : libcap (ALSA-2026:13285)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:13285 advisory. libcap: libcap: Privilege escalation via TOCTOU race condition in capsetfile CVE-2026-4878 Tenable has extracted the preceding description block directly from the...
Important: libcap security update
Libcap is a library for getting and setting POSIX.1e formerly POSIX 6 draft 15 capabilities. Security Fixes: libcap: libcap: Privilege escalation via TOCTOU race condition in capsetfile CVE-2026-4878 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
Astra Linux - уязвимость в tomcat9
The “Time-of-Check Time-of-Use” TOCTOU race condition vulnerability during JSP compilation in Apache Tomcat allows for a race condition on case-insensitive file systems when the default servlet is enabled for writing non-default configuration. This issue affects Apache Tomcat: from 11.0.0-M1...
libcap security update
An update is available for libcap. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Libcap is a library for getting and setting POSIX.1e formerly POSIX 6 draft 15...
OESA-2026-2140 PackageKit security update
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API. Security Fixes: PackageKit is a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro,...