Vulnerabilities (CVE)

Filtered by CWE-367
Total 345 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-4098 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 7.4 HIGH
Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-4001 1 Linux 1 Linux Kernel 2024-11-21 4.7 MEDIUM 4.1 MEDIUM
A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affects kernel versions prior to 5.16 rc2.
CVE-2021-46795 1 Amd 5 Cezannepi-fp6, Cezannepi-fp6 Firmware, Comboam4v2 Pi and 2 more 2024-11-21 N/A 4.7 MEDIUM
A TOCTOU (time-of-check to time-of-use) vulnerability exists where an attacker may use a compromised BIOS to cause the TEE OS to read memory out of bounds that could potentially result in a denial of service.
CVE-2021-46792 1 Amd 110 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 107 more 2024-11-21 N/A 5.9 MEDIUM
Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service.
CVE-2021-42835 2 Microsoft, Plex 2 Windows, Media Server 2024-11-21 6.9 MEDIUM 7.0 HIGH
An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker (with a foothold in a endpoint via a low-privileged user account) can access the exposed RPC service of the update service component. This RPC functionality allows the attacker to interact with the RPC functionality and execute code from a path of his choice (local, or remote via SMB) because of a TOCTOU race condition. This code execution is in the context of the Plex update service (which runs as SYSTEM).
CVE-2021-3969 1 Lenovo 1 System Interface Foundation 2024-11-21 4.4 MEDIUM 7.8 HIGH
A Time of Check Time of Use (TOCTOU) vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3that could allow a local attacker to elevate privileges.
CVE-2021-3899 2024-11-21 N/A 7.8 HIGH
There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root.
CVE-2021-3054 1 Paloaltonetworks 1 Pan-os 2024-11-21 8.5 HIGH 7.2 HIGH
A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7; PAN-OS 10.1 versions earlier than PAN-OS 10.1.2. This issue does not affect Prisma Access.
CVE-2021-36924 1 Realtek 1 Rtsupx Usb Utility Driver 2024-11-21 7.2 HIGH 7.8 HIGH
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool overflow (leading to Escalation of Privileges, Denial of Service, and Code Execution) via a crafted Device IO Control packet to a device.
CVE-2021-35937 3 Fedoraproject, Redhat, Rpm 3 Fedora, Enterprise Linux, Rpm 2024-11-21 N/A 6.4 MEDIUM
A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-35111 1 Qualcomm 75 Ar8035, Ar8035 Firmware, Qca6390 and 72 more 2024-11-21 7.1 HIGH 7.5 HIGH
Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdragon Mobile
CVE-2021-35090 1 Qualcomm 112 Aqt1000, Aqt1000 Firmware, Qca6390 and 109 more 2024-11-21 6.9 MEDIUM 9.3 CRITICAL
Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2021-35082 1 Qualcomm 6 Mdm9206, Mdm9206 Firmware, Qca9367 and 3 more 2024-11-21 9.3 HIGH 9.1 CRITICAL
Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC security mode command packet has been received in Snapdragon Industrial IOT
CVE-2021-34986 1 Parallels 1 Parallels Desktop 2024-11-21 N/A 7.8 HIGH
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.0 (49183). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-13932.
CVE-2021-34788 3 Apple, Cisco, Linux 3 Macos, Anyconnect Secure Mobility Client, Linux Kernel 2024-11-21 6.9 MEDIUM 7.0 HIGH
A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for shared library files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with root privileges. To exploit this vulnerability, the attacker must have a valid account on the system.
CVE-2021-34413 1 Zoom 1 Zoom Plugin For Microsoft Outlook 2024-11-21 6.0 MEDIUM 7.5 HIGH
All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process. This could allow a standard user to write their own malicious application to the plugin directory, allowing the malicious application to execute in a privileged context.
CVE-2021-33632 2024-11-21 N/A 7.0 HIGH
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in openEuler iSulad on Linux allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This vulnerability is associated with program files https://gitee.Com/openeuler/iSulad/blob/master/src/cmd/isulad/main.C. This issue affects iSulad: 2.0.18-13, from 2.1.4-1 through 2.1.4-2.
CVE-2021-33097 1 Intel 1 Crypto Api Toolkit For Intel Sgx 2024-11-21 6.0 MEDIUM 6.6 MEDIUM
Time-of-check time-of-use vulnerability in the Crypto API Toolkit for Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via network access.
CVE-2021-32708 2 Fedoraproject, Thephpleague 2 Fedora, Flysystem 2024-11-21 9.3 HIGH 9.8 CRITICAL
Flysystem is an open source file storage library for PHP. The whitespace normalisation using in 1.x and 2.x removes any unicode whitespace. Under certain specific conditions this could potentially allow a malicious user to execute code remotely. The conditions are: A user is allowed to supply the path or filename of an uploaded file, the supplied path or filename is not checked against unicode chars, the supplied pathname checked against an extension deny-list, not an allow-list, the supplied path or filename contains a unicode whitespace char in the extension, the uploaded file is stored in a directory that allows PHP code to be executed. Given these conditions are met a user can upload and execute arbitrary code on the system under attack. The unicode whitespace removal has been replaced with a rejection (exception). For 1.x users, upgrade to 1.1.4. For 2.x users, upgrade to 2.1.1.
CVE-2021-31427 1 Parallels 1 Parallels Desktop 2024-11-21 1.9 LOW 5.6 MEDIUM
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Open Tools Gate component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13082.