Lucene search
K

23 matches found

Github Security Blog
Github Security Blog
added 2026/01/13 9:53 p.m.13 views

Outray cli is vulnerable to race conditions in tunnels creation

Summary A TOCTOU race condition vulnerability allows a user to exceed the set number of active tunnels in their subscription plan. Details Affected conponent: apps/web/src/routes/api/tunnel/register.ts - /tunnel/register endpoint code-: ts // Check if tunnel already exists in database const...

6.3CVSS6.9AI score0.00179EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-29676

Malware in sbrugna...

5.6CVSS5AI score0.00344EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-3983

Malware in sbrugna...

7.4CVSS7.3AI score0.00251EPSS
Exploits5References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-37969

Malicious code in bioql PyPI...

7CVSS6.8AI score0.00202EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2025-21865

Malicious code in bioql PyPI...

5.1CVSS6.6AI score0.00101EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-14027

Malicious code in bioql PyPI...

6.3CVSS6.6AI score0.00132EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-48663

Malicious code in bioql PyPI...

5.3CVSS6.1AI score0.00403EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2024-54242

Malicious code in bioql PyPI...

8.6CVSS6.6AI score0.00121EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-9515

Malicious code in bioql PyPI...

9.3CVSS8.1AI score0.0061EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-44915

Malicious code in bioql PyPI...

7CVSS7.1AI score0.00181EPSS
Exploits0References2
OSV
OSV
added 2025/06/14 6:14 a.m.8 views

BIT-GITLAB-2024-9512 Time-of-check Time-of-use (TOCTOU) Race Condition in GitLab

An issue has been discovered in GitLab EE affecting all versions prior to 17.10.8, 17.11 prior to 17.11.4, and 18.0 prior to 18.0.2. It may have been possible for private repository to be cloned in case of race condition when a secondary node is out of sync...

5.9CVSS5.5AI score0.00217EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 8:48 a.m.4 views

CVE-2024-21792

Time-of-check Time-of-use race condition in IntelR Neural Compressor software before version 2.5.0 may allow an authenticated user to potentially enable information disclosure via local access...

4.7CVSS6.1AI score0.00136EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:10 a.m.9 views

CVE-2023-32554

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in...

7CVSS6.6AI score0.00184EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:47 a.m.9 views

CVE-2022-44651

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order ...

7CVSS7.2AI score0.0016EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/14 5:31 p.m.18 views

CVE-2025-30663 Zoom Workplace Apps - Time-of-check Time-of-use

Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access...

8.8CVSS8.7AI score0.0013EPSS
Exploits0References1
Veracode
Veracode
added 2025/05/02 7:30 a.m.5 views

Time-of-check Time-of-use (TOCTOU) Race Condition

github.com/snowflakedb/gosnowflake is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. The vulnerability is due to insufficient file ownership validation in checking and using the logging configuration file; this allows local attackers with write access to the file or its...

7CVSS3.6AI score0.00111EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.10 views

Azure Linux 3.0 Security Update: postgresql (CVE-2024-7348)

The version of postgresql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7348 advisory. - Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execu...

8.8CVSS7.7AI score0.01565EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/03 4:51 p.m.41 views

CVE-2024-45560 Time-of-check Time-of-use (TOCTOU) Race Condition in Camera

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer...

7.8CVSS0.00074EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/09 7:1 p.m.12 views

CVE-2021-46792

Time-of-check Time-of-use TOCTOU in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service...

6.6AI score0.00395EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/19 6:35 p.m.13 views

CVE-2023-1586

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use TOCTOU vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus version 22.11...

6.5CVSS7AI score0.0021EPSS
Exploits0References1
Rows per page
Query Builder