
7 matches found

Snyk
added 2025/12/16 8:52 p.m., 4 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview: Affected versions of this package are vulnerable to Time-of-check Time-of-use (TOCTOU) Race Condition during lock file creation. An attacker can corrupt or truncate arbitrary files by exploiting a race condition between the existence check and file opening with O_TRUNC, allowing the creatio...

CVSS 6.5 | AI score 6.6 | EPSS 0.00184
Exploits: 1 | References: 4
OSV
added 2025/12/16 6:10 p.m., 2 views

CVE-2025-68146 filelock has TOCTOU race condition that allows symlink attacks during lock file creation

filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use (TOCTOU) race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...

CVSS 6.3 | AI score 6.1 | EPSS 0.00184
Exploits: 1 | References: 6
Cvelist
added 2025/12/16 6:10 p.m., 23 views

CVE-2025-68146 filelock has TOCTOU race condition that allows symlink attacks during lock file creation

filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use (TOCTOU) race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...

CVSS 6.3 | EPSS 0.00184
Exploits: 1 | References: 4
CVE
added 2025/12/16 6:10 p.m., 34 views

CVE-2025-68146

CVE-2025-68146 affects the Python filelock package. A TOCTOU race in lock file creation allows local attackers with filesystem access to exploit symlinks and truncate target files. The vulnerability exists in UnixFileLock and WindowsFileLock for versions before 3.20.1; an attacker can create a sy...

CVSS 6.5 | AI score 5.8 | EPSS 0.00184
Exploits: 1 | References: 4 | Affected Software: 1
securityvulns
added 2011/10/20 12:00 a.m., 27 views

X.Org multiple security vulnerabilities

Memory corruptions, insecure lock file creation...

CVSS 8.5 | AI score 2.5 | EPSS 0.05347
Exploits: 6 | References: 1 | Affected Software: 1
Cvelist
added 2010/03/09 7:00 p.m., 30 views

CVE-2010-0791

The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab file that persists after the program exits...

AI score 5.9 | EPSS 0.00359
Exploits: 0 | References: 6
Exploit DB
added 2000/04/19 12:00 a.m., 29 views

Qualcomm qpopper 2.53/3.0 / RedHat imap 4.5 -4 / UoW imap 4.5 popd - Lock File Denial of Service

source: https://www.securityfocus.com/bid/1132/info Vulnerabilities exist in a number of pop3 daemon implementations, having to do with their creation of lock files. Affected include Qualcomm's qpopper, and the popd included as part of the imap-4 rpm from RedHat. Lockfiles in both implementation...

AI score 7.4
Exploits: 0