Lucene search
+L

1295 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-45034

A time-of-check to time-of-use TOCTOU flaw in the illumos data-link pseudo-driver dld affects handling of the DLDIOCGETMACPROP and DLDIOCSETMACPROP ioctls on /dev/dld. drviocpropcommon in usr/src/uts/common/io/dld/dlddrv.c copies the dldiocmacpropt ioctl header in once to read its prvalsize field...

5.8CVSS6.2AI score
Exploits0References3
CVE
CVE
added yesterday6 views

CVE-2026-15449

CVE-2026-15449 describes a TOCTOU vulnerability in the illumos data-link pseudo-driver (dld) regarding handling of DLDIOC_GETMACPROP and DLDIOC_SETMACPROP ioctls on /dev/dld. In drv_ioc_prop_common(), the header is read once to obtain pr_valsize, a kernel heap buffer is allocated, and then the fu...

5.8CVSS6.2AI score
Exploits0References3
CVE
CVE
added 2 days ago34 views

CVE-2026-45804

Diffusers CVE-2026-45804 describes a TOCTOU race in DiffusionPipeline.from_pretrained where two Hub fetches (config via hf_hub_download and a snapshot via snapshot_download) can resolve to different commits. An attacker could push commit B after the first check, causing the newer commit’s model_i...

7.5CVSS6.2AI score0.00268EPSS
Exploits0References5
NVD
NVD
added 3 days ago6 views

CVE-2026-48344

Creative Cloud Desktop is affected by a Time-of-check Time-of-use TOCTOU Race Condition vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user...

7.8CVSS0.00104EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago44 views

CVE-2026-48344 GoCart | Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)

Creative Cloud Desktop is affected by a Time-of-check Time-of-use TOCTOU Race Condition vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user...

7.8CVSS0.00104EPSS
Exploits0References1
CVE
CVE
added 3 days ago11 views

CVE-2026-48344

CVE-2026-48344 involves Creative Cloud Desktop and a TOCTOU race condition (CWE-367) that could lead to arbitrary code execution in the context of the current user . The issue is described as exploitable under conditions beyond the attacker’s control, with no user interaction required . Per the c...

7.8CVSS6.5AI score0.00104EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 3 days ago4 views

Windows Subsystem for Linux (WSL2) Kernel Tampering Vulnerability

Time-of-check time-of-use toctou race condition in Windows Subsystem for Linux allows an authorized attacker to perform tampering locally...

6.3CVSS6.1AI score0.00159EPSS
Exploits0
Positive Technologies
Positive Technologies
added 3 days ago9 views

PT-2026-58790

Name of the Vulnerable Software and Affected Versions Creative Cloud Desktop affected versions not specified Description A Time-of-check Time-of-use TOCTOU Race Condition exists, which is a software bug where a program checks the state of a resource and then acts on that resource, but the state...

7.8CVSS6.5AI score0.00104EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 3 days ago5 views

PT-2026-58637

Name of the Vulnerable Software and Affected Versions Windows Subsystem for Linux versions prior to 2.7.10 Description A time-of-check time-of-use TOCTOU race condition exists in the Windows Subsystem for Linux. This flaw allows an authorized local attacker to perform data tampering. A TOCTOU rac...

6.3CVSS6.1AI score0.00159EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 3 days ago6 views

Adobe Creative Cloud < 6.10.0.252.3 Multiple Privilege escalation (APSB26-77)

The version of Adobe Creative Cloud installed on the remote Windows host is prior to 6.10.0.252.3. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-77 advisory. - Creative Cloud Desktop is affected by a Time-of-check Time-of-use TOCTOU Race Condition vulnerabilit...

7.8CVSS6.5AI score0.00131EPSS
Exploits0References3
NVD
NVD
added last week5 views

CVE-2026-45203

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory write outside the permitted range of memory for the host kernel. A TOCTOU bug existed where a malicious driver could modify values in memory after firmware validation but befo...

7.8CVSS0.00092EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added last week1 views

CVE-2026-45203

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory write outside the permitted range of memory for the host kernel. A TOCTOU bug existed where a malicious driver could modify values in memory after firmware validation but befo...

7.8CVSS6.1AI score0.00092EPSS
Exploits0References2
Snyk
Snyk
added last week6 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview 9router is a 9Router CLI - Start and manage 9Router server Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition through the image process in open-sse/translator/concerns/image.js. An attacker can access internal-only HTTP services by...

7.4CVSS6.1AI score0.00154EPSS
Exploits0References2
NVD
NVD
added 2026/07/10 5:16 a.m.9 views

CVE-2026-21046

Time-of-check time-of-use race condition in fabricKeymaster trustlet prior to SMR Jul-2026 Release 1 allows local privileged attackers to execute arbitrary code...

8.4CVSS0.00096EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/10 4:58 a.m.7 views

EUVD-2026-42817

Time-of-check time-of-use race condition in fabricKeymaster trustlet prior to SMR Jul-2026 Release 1 allows local privileged attackers to execute arbitrary code...

8.4CVSS6.2AI score0.00096EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/10 4:58 a.m.33 views

CVE-2026-21046

Time-of-check time-of-use race condition in fabricKeymaster trustlet prior to SMR Jul-2026 Release 1 allows local privileged attackers to execute arbitrary code...

8.4CVSS0.00096EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/10 4:58 a.m.6 views

CVE-2026-21046

Time-of-check time-of-use race condition in fabricKeymaster trustlet prior to SMR Jul-2026 Release 1 allows local privileged attackers to execute arbitrary code...

8.4CVSS6.2AI score0.00096EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/07/09 4:16 p.m.7 views

CVE-2025-58151

varstored is a component of the Xapi toolstack handling UEFI Variables for a VM. It has a communication path with OVMF inside the VM involving mapping a buffer prepared by OVMF. Within varstored, there were insufficient compiler barriers, creating TOCTOU issues with data in the shared buffer. The...

9.4CVSS6.2AI score0.0012EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/09 2:45 p.m.6 views

CVE-2025-58151

varstored is a component of the Xapi toolstack handling UEFI Variables for a VM. It has a communication path with OVMF inside the VM involving mapping a buffer prepared by OVMF. Within varstored, there were insufficient compiler barriers, creating TOCTOU issues with data in the shared buffer. The...

9.4CVSS6.2AI score0.0012EPSS
Exploits0References2
CVE
CVE
added 2026/07/09 2:45 p.m.18 views

CVE-2025-58151

CVE-2025-58151 affects varstored, a Xen/Xapi component that handles UEFI variables and maps guest memory to OVMF. The vulnerability arises from TOCTOU due to insufficient compiler barriers in the shared buffer, with exploitation depending on compiler-generated code, and the attacker potentially c...

9.4CVSS6.2AI score0.0012EPSS
Exploits0References3
Rows per page
Query Builder