uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition

The touch utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during file creation. When the utility identifies a missing path, it later attempts creation using File::create, which internally uses OTRUNC. An attacker can exploit this window to create ...

CVE-2026-35360

The CVE-2026-35360 entry concerns the touch utility in uutils coreutils. A TOCTOU race occurs during file creation: when touch detects a missing path, it later calls File::create(), which uses O_TRUNC, allowing a local attacker to create a file or swap a symlink at the target path. This can cause...

CVE-2026-35360

The touch utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during file creation. When the utility identifies a missing path, it later attempts creation using File::create, which internally uses OTRUNC. An attacker can exploit this window to create ...

EUVD-2009-1678

Malware in sbrugna...

EUVD-2014-1499

Malware in sbrugna...

EUVD-2008-1589

Malware in sbrugna...

EUVD-2012-4193

Malware in sbrugna...

CVE-2012-4249

The Amazon Lab126 com.lab126.system sendEvent implementation on the Kindle Touch before 5.1.2 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a string, as demonstrated by using lipc-set-prop to set an LIPC property, a different vulnerability than...

CVE-2012-4249

The Amazon Lab126 com.lab126.system sendEvent implementation on the Kindle Touch before 5.1.2 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a string, as demonstrated by using lipc-set-prop to set an LIPC property, a different vulnerability than...