Weaknesses of type CWE-367
510 resultsCVE-2025-30101MEDIUMDell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauEPSS 0.1%CVE-2022-32469HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM codEPSS 0.1%CVE-2022-32473HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMEPSS 0.1%CVE-2022-32476HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMMEPSS 0.1%CVE-2022-33905HIGHDMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption (a TOCTOU attEPSS 0.1%CVE-2022-33985HIGHDMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a EPSS 0.1%CVE-2022-33909HIGHDMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOEPSS 0.1%CVE-2022-33908HIGHDMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TEPSS 0.1%CVE-2022-32475HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the VariableRuntimeDxe shared buffer used by SMM andEPSS 0.1%CVE-2022-32470HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and EPSS 0.1%CVE-2022-32954HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.1 through 5.5. DMA attacks on the SdMmcDevice buffer used by SMM and non-SMM code EPSS 0.1%CVE-2022-32267MEDIUMDMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software SMI handler cause SMRAM corruption (a TOCTOU EPSS 0.1%CVE-2022-32953HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the SdHostDriver buffer used by SMM and non-SMM codeEPSS 0.1%CVE-2024-37181LOWTime-of-check time-of-use race condition in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to EPSS 0.1%CVE-2022-32477HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM EPSS 0.1%CVE-2022-32471HIGHAn issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. The IhisiDxe driver uses the command buffer to pass inpEPSS 0.1%CVE-2022-33986MEDIUMDMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could lead to a TOCTOU attack. DMA attacks on the paEPSS 0.1%CVE-2022-34325HIGHDMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe software SMI handler could cause SMRAM corruptioEPSS 0.1%CVE-2022-21198HIGHTime-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enableEPSS 0.1%CVE-2026-24067HIGHSlate Digital Connect macOS XPC PID validation privilege escalationEPSS 0.1%