Total
275 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-25860 | 1 Pengutronix | 1 Rauc | 2023-12-10 | 7.1 HIGH | 6.6 MEDIUM |
The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time-of-Use vulnerability, where signature verification on an update file takes place before the file is reopened for installation. An attacker who can modify the update file just before it is reopened can install arbitrary code on the device. | |||||
CVE-2021-23977 | 1 Mozilla | 1 Firefox | 2023-12-10 | 2.6 LOW | 5.3 MEDIUM |
Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86. | |||||
CVE-2021-21615 | 1 Jenkins | 1 Jenkins | 2023-12-10 | 3.5 LOW | 5.3 MEDIUM |
Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition. | |||||
CVE-2020-9921 | 1 Apple | 1 Mac Os X | 2023-12-10 | 6.9 MEDIUM | 7.0 HIGH |
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with system privileges. | |||||
CVE-2021-26910 | 2 Debian, Firejail Project | 2 Debian Linux, Firejail | 2023-12-10 | 6.9 MEDIUM | 7.0 HIGH |
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation. | |||||
CVE-2020-3982 | 2 Apple, Vmware | 6 Mac Os X, Cloud Foundation, Esxi and 3 more | 2023-12-10 | 4.9 MEDIUM | 7.7 HIGH |
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this vulnerability to crash the virtual machine's vmx process or corrupt hypervisor's memory heap. | |||||
CVE-2020-27014 | 1 Trendmicro | 1 Antivirus | 2023-12-10 | 6.9 MEDIUM | 6.4 MEDIUM |
Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel panic or crash.\n\n\r\nAn attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2020-11220 | 1 Qualcomm | 262 Aqt1000, Aqt1000 Firmware, Ar8035 and 259 more | 2023-12-10 | 4.4 MEDIUM | 6.4 MEDIUM |
While processing storage SCM commands there is a time of check or time of use window where a pointer used could be invalid at a specific time while executing the storage SCM call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-9939 | 1 Apple | 1 Mac Os X | 2023-12-10 | 4.4 MEDIUM | 6.4 MEDIUM |
This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to load unsigned kernel extensions. | |||||
CVE-2020-35889 | 1 Crayon Project | 1 Crayon | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
An issue was discovered in the crayon crate through 2020-08-31 for Rust. A TOCTOU issue has a resultant memory safety violation via HandleLike. | |||||
CVE-2020-27252 | 1 Medtronic | 2 Mycarelink Smart Model 25000, Mycarelink Smart Model 25000 Firmware | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
Medtronic MyCareLink Smart 25000 all versions are vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited an attacker could remotely execute code on the MCL Smart Patient Reader device, leading to control of the device. | |||||
CVE-2020-0358 | 1 Google | 1 Android | 2023-12-10 | 4.4 MEDIUM | 6.4 MEDIUM |
In SurfaceFlinger, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150227563 | |||||
CVE-2020-14375 | 3 Canonical, Dpdk, Opensuse | 3 Ubuntu Linux, Data Plane Development Kit, Leap | 2023-12-10 | 4.4 MEDIUM | 7.8 HIGH |
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
CVE-2020-3981 | 2 Apple, Vmware | 5 Mac Os X, Cloud Foundation, Esxi and 2 more | 2023-12-10 | 3.5 LOW | 5.8 MEDIUM |
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process. | |||||
CVE-2020-11230 | 1 Qualcomm | 360 Aqt1000, Aqt1000 Firmware, Fsm10055 and 357 more | 2023-12-10 | 4.4 MEDIUM | 6.4 MEDIUM |
Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in the buffer as it exposes a physical address to user land in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2020-24428 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-12-10 | 5.1 MEDIUM | 7.7 HIGH |
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a time-of-check time-of-use (TOCTOU) race condition vulnerability that could result in local privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2020-8332 | 1 Lenovo | 36 Bladecenter Hs23, Bladecenter Hs23 Firmware, Bladecenter Hs23e and 33 more | 2023-12-10 | 6.9 MEDIUM | 6.4 MEDIUM |
A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected. | |||||
CVE-2019-15608 | 1 Yarnpkg | 1 Yarn | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
The package integrity validation in yarn < 1.19.0 contains a TOCTOU vulnerability where the hash is computed before writing a package to cache. It's not computed again when reading from the cache. This may lead to a cache pollution attack. | |||||
CVE-2020-13162 | 1 Pulsesecure | 2 Pulse Secure Desktop Client, Pulse Secure Installer Service | 2023-12-10 | 6.9 MEDIUM | 7.0 HIGH |
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges. | |||||
CVE-2020-13882 | 2 Cisofy, Fedoraproject | 2 Lynis, Fedora | 2023-12-10 | 3.7 LOW | 4.2 MEDIUM |
CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The routine to check the log and report file permissions was not working as intended and could be bypassed locally. Because of the race, an unprivileged attacker can set up a log and report file, and control that up to the point where the specific routine is doing its check. After that, the file can be removed, recreated, and used for additional attacks. |