Lucene search
K

394 matches found

NVD
NVD
added yesterday3 views

CVE-2026-57973

Time-of-check time-of-use toctou race condition in Windows Subsystem for Linux allows an authorized attacker to perform tampering locally...

6.3CVSS
Exploits0References1
NVD
NVD
added yesterday2 views

CVE-2026-56648

Time-of-check time-of-use toctou race condition in Windows Network File System allows an authorized attacker to elevate privileges over a network...

7.5CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-50658

Time-of-check time-of-use toctou race condition in Microsoft Defender allows an authorized attacker to elevate privileges locally...

7CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday19 views

CVE-2026-4018 TOCTOU race condition in the QNX Neutrino kernel impacts versions of the QNX Software Development Platform and QNX OS for Safety

TOCTOU Race Condition in specific trace commands of the TraceEvent system call could allow an attacker with local access and with the PROCMGRAIDTRACE ability, to cause information disclosure, data tampering or a crash of the QNX Neutrino kernel...

6.4CVSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added yesterday4 views

Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability

Time-of-check time-of-use toctou race condition in Microsoft Defender allows an authorized attacker to elevate privileges locally...

7CVSS6.1AI score
Exploits0
CVE
CVE
added 5 days ago7 views

CVE-2026-21046

The vulnerability CVE-2026-21046 concerns the fabricKeymaster trustlet. It describes a time-of-check time-of-use race condition that exists prior to the SMR Jul-2026 Release 1. Impact is local: a privileged attacker could execute arbitrary code. The provided sources specify the affected component...

8.4CVSS6.2AI score0.00096EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 6 days ago6 views

Erlang/OTP 25.3 < 27.3.4.14 / 28.0 < 28.5.0.3 / 29.0 < 29.0.3 DoS (CVE-2026-55950)

The version of Erlang/OTP installed on the remote host is 25.3 prior to 27.3.4.14, 28.0 prior to 28.5.0.3, or 29.0 prior to 29.0.3. It is, therefore, affected by a vulnerability: - Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an...

8.7CVSS6.2AI score0.00384EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/06 7:54 p.m.5 views

EUVD-2026-24994

install -D: symlink race in directory creation allows arbitrary file overwrite...

6.3CVSS6AI score0.00108EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-55950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all...

8.7CVSS6AI score0.00384EPSS
Exploits0References3
OSV
OSV
added 2026/07/02 4:6 p.m.10 views

CVE-2026-55950 DTLS listener crash via race condition in dtls_packet_demux causes denial of service for all sessions

Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtlspacketdemux genserver process to route incoming UDP...

8.7CVSS6AI score0.00384EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/07/01 2:7 p.m.6 views

CVE-2026-12374

Improper certificate validation and a time-of-check time-of-use TOCTOU race condition in the PrivilegedHelperTool XPC service in Cato Client before v.5.13.1 on macOS allows a local authenticated attacker to escalate privileges to root via a self-signed certificate that bypasses the XPC caller...

7.3CVSS5.8AI score0.00055EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 7:54 p.m.41 views

CVE-2026-10546 DNS Rebinding TOCTOU Bypass of SSRF Protection in Langflow OSS URL Component

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF vulnerability in the URL component src/lfx/src/lfx/components/datasource/url.py due to a Time-of-Check/Time-of-Use TOCTOU race condition that can be exploited via DNS rebinding...

7.1CVSS0.00146EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 2:9 a.m.16 views

CVE-2026-14160

Technical details about CVE-2026-14160 are not publicly provided in the supplied documents. Monitor for updates from Samsung Escargot advisories and NVD entries.

5.9CVSS5.8AI score0.0009EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-54370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by...

7.2CVSS6.1AI score0.00091EPSS
Exploits0References4
OSV
OSV
added 2026/06/29 2:16 p.m.6 views

UBUNTU-CVE-2026-54370

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS5.9AI score0.00091EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 12:38 p.m.8 views

EUVD-2026-40086

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS5.9AI score0.00091EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/29 12:38 p.m.55 views

CVE-2026-54370 acl < 2.4.0 TOCTOU Symlink Traversal via getfacl/setfacl/chacl

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS0.00091EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/29 10:15 a.m.57 views

CVE-2026-41991 Predictable Temporary File in GNU gzip

GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a temporary file path based solely on the process ID PID. This predictable filename is created without...

2CVSS0.00105EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/28 2:45 p.m.11 views

EUVD-2026-40000

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS5.2AI score0.00091EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xsk: cache csumstart/csumoffset to fix TOCTOU in xskskbmetadata The TX metadata area resides in the UMEM buffer which is memory-mapped and concurrently writable...

7.8CVSS6.1AI score0.00112EPSS
Exploits0References4
Rows per page
Query Builder