Lucene search
K

15 matches found

CVE
CVE
added 2026/06/23 12:12 p.m.14 views

CVE-2026-56258

CVE-2026-56258 affects Crawl4AI prior to 0.8.8. An arbitrary file write exists in the screenshot and PDF endpoints via output_path, exploiting insufficient path validation and symlink following with TOCTOU. Unauthenticated remote attackers can write files outside the intended directory, potential...

9.2CVSS6.5AI score0.00656EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a TOCTOU race condition in the tpacketsnd function’s mmap d vnethdr operation. This vulnerability...

7.8CVSS5.8AI score0.00103EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 3:16 p.m.3 views

CVE-2023-20548

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability...

7.8CVSS0.00101EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/04 1:57 p.m.27 views

CVE-2025-14740 Docker Desktop for Windows Incorrect Permission Assignment Privilege Escalation Vulnerabilities

Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in the installer's handling of the C:\ProgramData\DockerDesktop directory. The installer creates this directory without proper ownership verification, creating two exploitation scenarios: Scenario 1...

6.7CVSS0.00196EPSS
Exploits0References3
OSV
OSV
added 2026/01/13 8:53 a.m.4 views

BIT-VIRTUALENV-2026-22702 virtualenv Has TOCTOU Vulnerabilities in Directory Creation

virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a rac...

4.5CVSS6.4AI score0.00085EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/06 10:48 p.m.4 views

CVE-2025-47332 Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver

Memory corruption while processing a config call from userspace...

6.7CVSS6.7AI score0.00056EPSS
Exploits0References1
OSV
OSV
added 2025/08/06 4:15 p.m.6 views

CVE-2024-8244

The filepath.Walk and filepath.WalkDir functions are documented as not following symbolic links, but both functions are susceptible to a TOCTOU time of check/time of use race condition where a portion of the path being walked is replaced with a symbolic link while the walk is in progress...

6.7AI score
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/04/29 2:56 p.m.5 views

SUSE CVE-2025-46327

gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided file. On Linux and...

6.3CVSS6.5AI score0.00111EPSS
Exploits0References4
Snyk
Snyk
added 2024/10/29 2:45 p.m.6 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview waitress is a production-quality pure-Python WSGI server with very acceptable performance. Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition in HTTP pipelining when handling an invalid initial request. An attacker can exploit this...

9.3CVSS6.9AI score0.00496EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/03/02 5:20 a.m.9 views

SUSE CVE-2023-52478

In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect hidppconnectevent has four time-of-check vs time-of-use TOCTOU races when it races with itself. hidppconnectevent primarily runs from a workqueue but it also runs o...

5.8CVSS6.3AI score0.00171EPSS
Exploits0References16
ATTACKERKB
ATTACKERKB
added 2023/09/11 3:15 p.m.3 views

CVE-2023-27470

BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportServiceN-Central\PushUpdates, leading to arbitrary file deletion...

7CVSS7.3AI score0.00537EPSS
Exploits2References2
OSV
OSV
added 2023/06/12 7:15 p.m.5 views

CVE-2022-27541

Potential Time-of-Check to Time-of Use TOCTOU vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure...

7.8CVSS5.9AI score0.00138EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/11/14 12:0 a.m.6 views

Insyde InsydeH2O 安全漏洞

RUGGEDCOM APE1808 is a utility-level application hosting platform that allows you to deploy a range of commercial applications for edge computing and network security in harsh industrial environments.A competitive condition vulnerability exists in the Siemens RUGGEDCOM APE1808 product family, whi...

6.4CVSS6.7AI score0.00151EPSS
Exploits0References7
CNVD
CNVD
added 2021/09/29 12:0 a.m.16 views

Zoom Plugin Code Execution Vulnerability

Zoom Plugin is a plug-in from Zoom ZOOM, Inc. A security vulnerability exists in previous versions of Zoom Plugin for Microsoft Outlook for MacOS 5.3.52553.0918, which stems from a Time of Check Use TOC TOU vulnerability included in the plug-in installation process. An attacker could exploit this...

7.5CVSS3.2AI score0.00566EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/07/22 5:59 p.m.5 views

nss: TOCTOU, potential use-after-free in libssl's session ticket processing (MFSA 2014-12)

A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker could use this flaw to crash an application using NSS or, in rare cases, execute arbitrary code with the privileges of the user running that application...

9.3CVSS7.1AI score0.0399EPSS
Exploits1References5
Rows per page
Query Builder