Lucene search
+L

1297 matches found

NVD
NVD
added 2026/06/09 5:17 p.m.21 views

CVE-2026-45647

Time-of-check time-of-use toctou race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

7CVSS0.00215EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 5:5 p.m.11 views

EUVD-2026-35571

Time-of-check time-of-use toctou race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

5.5CVSS5.4AI score0.00215EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:5 p.m.32 views

CVE-2026-45647

CVE-2026-45647 describes a time-of-check time-of-use (TOCTOU) race condition in Microsoft Defender for Endpoint (Mac) that can allow an authorized locally logged-in attacker to elevate privileges. The Red Hat, NVD, MSRC and CVE records consistently frame the issue as a local elevation of privileg...

7CVSS5.4AI score0.00215EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/09 4:35 p.m.36 views

CVE-2026-49958 Hermes WebUI < 0.51.303 TOCTOU Race Condition via git_discard

Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use TOCTOU race condition vulnerability in the gitdiscard function within api/workspacegit.py that allows attackers to delete files outside the configured workspace boundary by replacing a validated path component with a symlin...

5CVSS0.00081EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.22 views

Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability

Time-of-check time-of-use toctou race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

7CVSS5.4AI score0.00215EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-48010

Name of the Vulnerable Software and Affected Versions Microsoft Defender for Endpoint for Mac affected versions not specified Description A time-of-check time-of-use TOCTOU race condition occurs in Microsoft Defender for Endpoint. This is a software bug where a system checks a condition such as a...

7CVSS5.8AI score0.00215EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.22 views

PT-2026-47969

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A Time-of-check time-of-use TOCTOU race condition exists in the Program Compatibility Assistant Service. This flaw allows an authorized attacker to elevate privileges locally, enabling them t...

7.8CVSS5.2AI score0.00184EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.19 views

EulerOS Virtualization 2.12.0 : python-virtualenv (EulerOS-SA-2026-2113)

According to the versions of the python-virtualenv package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU...

4.5CVSS5.4AI score0.00085EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.11 views

CVE-2022-23826

A TOCTOU Time-Of-Check to Time-Of-Use in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially leading to a loss of integrity...

1.8CVSS5.5AI score0.00082EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.10 views

CVE-2026-3428

A Download of Code Without Integrity Check vulnerability in the update modules in ASUS Member Center华硕大厅 allows a local user to achieve privilege escalation to Administrator via exploitation of a Time-of-check Time-of-use TOC-TOU during the update process, where an unexpected payload is substitut...

5.4CVSS5.5AI score0.00074EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.10 views

CVE-2026-34354

Akamai Guardicore Platform Agent GPA and Zero Trust Client on Linux and macOS allow TOCTOU-based local privilege escalation. The GPA service creates an IPC socket in the world-writable /tmp directory. It accepts unauthenticated IPC control messages. This enables a TOCTOU vulnerability in the...

7.4CVSS5.7AI score0.00325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.12 views

CVE-2026-41702

VMware Fusion contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is install...

7.8CVSS5.5AI score0.00122EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.12 views

CVE-2026-45208

A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS7.1AI score0.003EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 3:25 p.m.9 views

GHSA-5X9F-6VG5-QG4M Omni has a TOCTOU race condition that allows multiple concurrent uses of a single-use SAML session token

Summary SAML.getSession internal/pkg/auth/interceptor/saml.go checks the Used flag on a SAMLAssertion resource and then marks it used in two separate state operations. Because the check and the update are not atomic, concurrent requests carrying the same saml-session token can both observe Used =...

7CVSS5.4AI score0.00018EPSS
Exploits0References4
NVD
NVD
added 2026/06/03 1:16 p.m.10 views

CVE-2025-41259

SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...

7.3CVSS0.00101EPSS
Exploits0References3
OSV
OSV
added 2026/06/03 1:16 p.m.7 views

DEBIAN-CVE-2025-41259

SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...

7.3CVSS5.4AI score0.00101EPSS
Exploits0References1
OSV
OSV
added 2026/06/03 1:16 p.m.10 views

UBUNTU-CVE-2025-41259

SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...

7.3CVSS5.2AI score0.00101EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/03 11:1 a.m.14 views

EUVD-2025-210052

SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...

7.3CVSS5.8AI score0.00101EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/03 11:1 a.m.10 views

CVE-2025-41259

SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...

7.3CVSS5.4AI score0.00101EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.16 views

PT-2026-45914

SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...

7.3CVSS5.8AI score0.00101EPSS
Exploits0References5
Rows per page
Query Builder