Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

RedhatCVE
RedhatCVEadded 2026/05/07 8:20 a.m.7 views

CVE-2026-34596

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a Time-of-Check-to-Time-of-Use TOCTOU race condition exists during addon installation. When a user installs an addon through the SandMan interface, UpdUtil.exe is spawned as SYSTEM by...

7CVSS5.7AI score0.00015EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2026/04/22 12:0 a.m.2 views

PT-2026-34491

The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during file installation. The implementation unlinks an existing destination file and then recreates it using a path-based operation without the O EXCL flag. A local attacker can exploit...

6.3CVSS5.8AI score0.00013EPSS
Exploits1References3
NVD
NVDadded 2026/03/12 3:15 a.m.1 views

CVE-2026-1878

An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the...

5.4CVSS0.0001EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 8:44 a.m.7 views

CVE-2019-6232

A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution...

7.6CVSS7AI score0.00466EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/02/14 12:0 a.m.6 views

PT-2024-19163 · Apache +1 · Apache Tomcat +1

Name of the Vulnerable Software and Affected Versions: Apache Tomcat affected versions not specified Description: The issue is related to insecure permissions in the packaging of Apache Tomcat, allowing local users to escalate to root if they win a race during package installation. This is a loca...

7.8CVSS7.5AI score0.62079EPSS
Exploits2References54
RedHat Linux
RedHat Linuxadded 2024/01/25 11:15 a.m.37 views

Moderate: Red Hat Security Advisory: rpm security update

An update for rpm is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.7CVSS6.7AI score0.00202EPSS
Exploits3References4
RedHat Linux
RedHat Linuxadded 2024/01/25 9:1 a.m.3 views

rpm: races with chown/chmod/capabilities calls during installation

A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system...

6.7CVSS7.1AI score0.00149EPSS
Exploits1References5
OSV
OSVadded 2019/12/18 6:15 p.m.1 views

CVE-2019-6236

A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud installer in an untrusted directory may result in arbitrary code execution...

7.5CVSS7.3AI score0.00466EPSS
Exploits0References1
Packet Storm
Packet Stormadded 2003/04/24 12:0 a.m.22 views

VapidSAP.txt

Vapid Labs SAP database local root vulnerability during installation. December 10, 2002 I. BACKGROUND SAP DB is a Free Enterprise database http://www.sapdb.org. An exploitable race condition exists during installation that can be won to yield root to a local malicous user. An executable is world...

7.4AI score
Exploits0
Rows per page
Query Builder