28 matches found
EUVD-2017-3983
Malware in sbrugna...
EUVD-2022-48663
Malicious code in bioql PyPI...
EUVD-2021-9515
Malicious code in bioql PyPI...
EUVD-2022-29305
Malicious code in bioql PyPI...
EUVD-2025-3156
Malicious code in bioql PyPI...
CVE-2024-21792
Time-of-check Time-of-use race condition in IntelR Neural Compressor software before version 2.5.0 may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2022-41744
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One Vulnerability Protection integrated component could allow a local attacker to escalate privileges and turn a specific working directory into a mount point on affected installations. Please note: an attacker must first obtain th...
CVE-2024-0132
A flaw was found in the NVIDIA Container Toolkit. Affected versions contain a Time-of-check Time-of-Use TOCTOU vulnerability when used with the default configuration, where a specifically crafted container image may gain access to the host file system. This issue does not impact use cases where C...
MGASA-2024-0301 Updated postgresql15 & postgresql13 packages fix security vulnerability
Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting...
CVE-2024-29149
An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8NOE-R300.1.40.12.4180 and SIP deskphones through 86x8SIP-R200.1.01.10.728. Because of a time-of-check time-of-use vulnerability, an authenticated attacker is able to replace the verified firmware image with malicious firmwar...
CVE-2024-28183 Anti Rollback bypass with physical access and TOCTOU attack
ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS. A Time-of-Check to Time-of-Use TOCTOU vulnerability was discovered in the implementation of the ESP-IDF bootloader which could allow an attacker with physical access to flash of the device to bypass...
Themebleed- Windows 11 Themes Arbitrary Code Execution CVE-2023-38146
When an unpatched Windows 11 host loads a theme file referencing an msstyles file, Windows loads the msstyles file, and if that file's PACKMEVERSION is 999, it then attempts to load an accompanying dll file ending in vrf.dll Before loading that file, it verifies that the file is signed. It does...
CVE-2023-32554
Technical details for CVE-2023-32554 are not publicly available in the provided documents. No confirmed affected products, versions, or fixes are disclosed here. Monitor for updates from official advisories to obtain concrete impact, remediation, and exploitation information.
CVE-2023-32554
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in...
Arbitrary file deletion
Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use TOCTOU vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. The issue was fixed with Avast and AVG Antivirus version 22.11 and virus definitions from 14 February 2023 or later...
Debian DSA-5265-1 : tomcat9 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5265 advisory. - When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a an attacker is able to control the...
Design/Logic Flaw
Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesystem could potentially exploit this vulnerability, leading to data loss...
Time-of-check To Time-of-use (TOCTOU)
tensorflow is vulnerable to time-of-check to time-of-use vulnerability. The use of tempfile.mktemp allows different process to create the file between the check for the filename in mktemp and the actual creation of the file by a subsequent operation...
JetBrains Security Bulletin Q4 2021
JetBrains Security JetBrains Security Bulletin Q4 2021 Robert Demmer In the fourth quarter of 2021, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved. Product | Description | Severity...
CVE-2022-23181
The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is...