Vulnerabilities (CVE)

Filtered by CWE-367
Total 262 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-34046 2 Apple, Vmware 2 Mac Os X, Fusion 2023-12-10 N/A 7.0 HIGH
VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when installing an upgrade. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed or being installed for the first time.
CVE-2023-37250 1 Unity 1 Parsec 2023-12-10 N/A 7.0 HIGH
Unity Parsec has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. The application intentionally launches DLLs from a user-owned directory but intended to always perform integrity verification of those DLLs. This affects Parsec Loader versions through 8. Parsec Loader 9 is a fixed version.
CVE-2023-44128 2 Google, Lg 2 Android, V60 Thin Q 5g 2023-12-10 N/A 3.6 LOW
he vulnerability is to delete arbitrary files in LGInstallService ("com.lge.lginstallservies") app. The app contains the exported "com.lge.lginstallservies.InstallService" service that exposes an AIDL interface. All its "installPackage*" methods are finally calling the "installPackageVerify()" method that performs signature validation after the delete file method. An attacker can control conditions so this security check is never performed and an attacker-controlled file is deleted.
CVE-2023-33832 2 Ibm, Linux 5 Aix, Spectrum Protect Client, Spectrum Protect For Space Management and 2 more 2023-12-10 N/A 4.7 MEDIUM
IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012.
CVE-2023-1295 2 Linux, Netapp 6 Linux Kernel, H300s, H410c and 3 more 2023-12-10 N/A 7.0 HIGH
A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in 9eac1904d3364254d622bf2c771c4f85cd435fc2, backported to stable in 788d0824269bef539fe31a785b1517882eafed93.
CVE-2022-4149 2 Microsoft, Netskope 2 Windows, Netskope 2023-12-10 N/A 7.0 HIGH
The Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\SYSTEM which writes log files to a writable directory (C:\Users\Public\netSkope) for a standard user. The files are created and written with a SYSTEM account except one file (logplaceholder) which inherits permission giving all users full access control list. Netskope client restricts access to this file by allowing only read permissions as a standard user. Whenever the Netskope client service restarts, it deletes the logplaceholder and recreates, creating a race condition, which can be exploited by a malicious local user to create the file and set ACL permissions on the file. Once the file is created by a malicious user with proper ACL permissions, all files within C:\Users\Public\netSkope\ becomes modifiable by the unprivileged user. By using Windows pseudo-symlink, these files can be pointed to other places in the system and thus malicious users will be able to elevate privileges.
CVE-2022-31642 1 Hp 582 Elite Dragonfly, Elite Dragonfly Firmware, Elite Dragonfly G2 and 579 more 2023-12-10 N/A 7.0 HIGH
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
CVE-2021-26356 1 Amd 196 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 193 more 2023-12-10 N/A 7.4 HIGH
A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in S3 data corruption and information disclosure.
CVE-2022-3093 1 Tesla 8 Model 3, Model 3 Firmware, Model S and 5 more 2023-12-10 N/A 6.4 MEDIUM
This vulnerability allows physical attackers to execute arbitrary code on affected Tesla vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ice_updater update mechanism. The issue results from the lack of proper validation of user-supplied firmware. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-17463.
CVE-2022-43778 1 Hp 774 Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc, Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc Firmware, Elite Dragonfly and 771 more 2023-12-10 N/A 7.8 HIGH
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.
CVE-2022-31639 1 Hp 806 Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc, Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc Firmware, Elite Dragonfly and 803 more 2023-12-10 N/A 7.8 HIGH
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
CVE-2023-0778 2 Podman Project, Redhat 2 Podman, Enterprise Linux 2023-12-10 N/A 6.8 MEDIUM
A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.
CVE-2022-33270 1 Qualcomm 84 Ar8035, Ar8035 Firmware, Qca6391 and 81 more 2023-12-10 N/A 5.9 MEDIUM
Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.
CVE-2022-38730 1 Docker 1 Desktop 2023-12-10 N/A 6.3 MEDIUM
Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the windowscontainers/start dockerBackendV2 API by controlling the data-root field inside the DaemonJSON field in the WindowsContainerStartRequest class. This allows exploiting a symlink vulnerability in ..\dataRoot\network\files\local-kv.db because of a TOCTOU race condition.
CVE-2022-43946 1 Fortinet 1 Forticlient 2023-12-10 N/A 8.1 HIGH
Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE-732] vulnerability and a time-of-check time-of-use (TOCTOU) race condition [CWE-367] vulnerability in Fortinet FortiClientWindows before 7.0.7 allows attackers on the same file sharing network to execute commands via writing data into a windows pipe.
CVE-2022-31636 1 Hp 806 Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc, Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc Firmware, Elite Dragonfly and 803 more 2023-12-10 N/A 7.8 HIGH
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
CVE-2022-31641 1 Hp 582 Elite Dragonfly, Elite Dragonfly Firmware, Elite Dragonfly G2 and 579 more 2023-12-10 N/A 7.0 HIGH
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
CVE-2022-4143 1 Gitlab 1 Gitlab 2023-12-10 N/A 5.3 MEDIUM
An issue has been discovered in GitLab affecting all versions starting from 15.7 before 15.8.5, from 15.9 before 15.9.4, and from 15.10 before 15.10.1 that allows for crafted, unapproved MRs to be introduced and merged without authorization
CVE-2023-26299 1 Hp 118 200 G3, 200 G3 Firmware, 200 G4 22 All-in-one and 115 more 2023-12-10 N/A 7.0 HIGH
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.
CVE-2023-1585 3 Avast, Avg, Microsoft 3 Antivirus, Anti-virus, Windows 2023-12-10 N/A 6.3 MEDIUM
Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. The issue was fixed with Avast and AVG Antivirus version 22.11 and virus definitions from 14 February 2023 or later.