Lucene search
K

41 matches found

Microsoft CVE
Microsoft CVE
added yesterday4 views

Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability

Time-of-check time-of-use toctou race condition in Microsoft Defender allows an authorized attacker to elevate privileges locally...

7CVSS6.1AI score
Exploits0
CVE
CVE
added 5 days ago7 views

CVE-2026-21046

The vulnerability CVE-2026-21046 concerns the fabricKeymaster trustlet. It describes a time-of-check time-of-use race condition that exists prior to the SMR Jul-2026 Release 1. Impact is local: a privileged attacker could execute arbitrary code. The provided sources specify the affected component...

8.4CVSS6.2AI score0.00096EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 12:14 p.m.39 views

CVE-2026-44946

CVE-2026-44946 describes a SAML authentication replay vulnerability in Rancher’s Assertion Consumer Service (ACS) handler, where one-time use of SAML assertions was not enforced. The issue can enable man‑in‑the‑middle style abuse against Rancher, affecting Rancher 2.14.0 up to (but not including)...

9.5CVSS5.8AI score0.00291EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/30 12:14 p.m.36 views

CVE-2026-44946 SAML Authentication Replay in Rancher

A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service ACS handler did not enforce one-time use of SAML assertion, potentially allowing person in the middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3,...

9.5CVSS0.00291EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 12:14 p.m.4 views

CVE-2026-44946 SAML Authentication Replay in Rancher

A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service ACS handler did not enforce one-time use of SAML assertion, potentially allowing person in the middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3,...

9.5CVSS5.9AI score0.00291EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-53861

Name of the Vulnerable Software and Affected Versions Rancher versions 2.14.0 through 2.14.2 Rancher versions 2.13.0 through 2.13.6 Rancher versions 2.12.0 through 2.12.10 Rancher versions 2.11.0 through 2.11.14 Description A SAML authentication replay issue exists in the Assertion Consumer Servi...

9.5CVSS5.9AI score0.00291EPSS
Exploits0References7
CVE
CVE
added 2026/06/25 8:39 a.m.18 views

CVE-2026-53250

CVE-2026-53250 : In the Linux kernel, the xsk_skb_metadata() path is vulnerable to a TOCTOU race in which csum_start and csum_offset are read from shared UMEM and then read again for skb assignment. A malicious userspace process can overwrite values between reads, bypassing bounds checks and caus...

7.8CVSS5.9AI score0.00112EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/06/11 7:16 a.m.14 views

CVE-2026-41000

Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and creation timestamps, Timestamp elements, and certain SAML one-time-use semantics could be...

3.7CVSS0.00223EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 5:4 a.m.11 views

CVE-2026-41000 WSS4J validation does not use configured replay cache

Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and creation timestamps, Timestamp elements, and certain SAML one-time-use semantics could be...

3.7CVSS5.4AI score0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/11 5:4 a.m.27 views

CVE-2026-41000 WSS4J validation does not use configured replay cache

Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and creation timestamps, Timestamp elements, and certain SAML one-time-use semantics could be...

3.7CVSS0.00223EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/11 5:4 a.m.11 views

EUVD-2026-36210

Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and creation timestamps, Timestamp elements, and certain SAML one-time-use semantics could be...

3.7CVSS5.4AI score0.00223EPSS
Exploits0References1
Spring Security Advisories
Spring Security Advisories
added 2026/06/10 12:0 a.m.8 views

cve-2026-41000 - LOW - WSS4J validation does not use configured replay cache

cve-2026-41000 - LOW - WSS4J validation does not use configured replay cache...

3.7CVSS6.1AI score0.00223EPSS
Exploits0
Snyk
Snyk
added 2026/06/10 12:0 a.m.9 views

Replay Attack

Overview Affected versions of this package are vulnerable to Replay Attack due to the Wss4jSecurityInterceptor class in Wss4jSecurityInterceptor.java not consistently wiring configured Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, replay protections...

6.3CVSS5.4AI score0.00223EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.23 views

PT-2026-46987

Name of the Vulnerable Software and Affected Versions Omni affected versions not specified Description A TOCTOU Time-of-Check to Time-of-Use race condition exists in the SAML.getSession function within internal/pkg/auth/interceptor/saml.go. The system checks the Used flag of a SAMLAssertion...

7CVSS5.8AI score0.00018EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/03 11:1 a.m.42 views

CVE-2025-41259 SWUpdate Untrusted Script Execution via Signed Update TOCTOU

SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...

7.3CVSS0.00101EPSS
Exploits0References3
NVD
NVD
added 2026/05/21 2:16 p.m.23 views

CVE-2026-45208

A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS0.003EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/19 4:29 p.m.13 views

libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so,...

7CVSS5.7AI score0.00188EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/05/06 9:31 p.m.10 views

Duplicate Advisory: OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5h3g-6xhh-rg6p. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that...

8.3CVSS5.7AI score0.00208EPSS
Exploits0References5Affected Software1
GithubExploit
GithubExploit
added 2026/05/06 6:12 a.m.101 views

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Packagekit_Project Packagekit

CVE-2026-41651 — Pack2TheRoot Analysis PackageKit Local P...

8.8CVSS5.8AI score0.0046EPSS
Exploits10
CVE
CVE
added 2026/04/22 4:8 p.m.24 views

CVE-2026-35352

CVE-2026-35352 affects the mkfifo utility in uutils coreutils. A TOCTOU race exists: the tool creates a FIFO and then performs a path-based chmod. A local attacker with write access to the parent directory can replace the newly created FIFO with a symbolic link between the two operations, causing...

7CVSS5.9AI score0.00147EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder