Weaknesses of type CWE-367
516 resultsCVE-2022-32470HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and EPSS 0.1%CVE-2022-32267MEDIUMDMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software SMI handler cause SMRAM corruption (a TOCTOU EPSS 0.1%CVE-2022-21198HIGHTime-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enableEPSS 0.1%CVE-2026-24067HIGHSlate Digital Connect macOS XPC PID validation privilege escalationEPSS 0.1%CVE-2025-54271MEDIUMCreative Cloud Desktop | Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)EPSS 0.1%CVE-2025-30663HIGHZoom Workplace Apps - Time-of-check Time-of-useEPSS 0.1%CVE-2022-26859MEDIUMDell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in oEPSS 0.1%CVE-2024-22185HIGHTime-of-check Time-of-use Race Condition in some Intel(R) processors with Intel(R) ACTM may allow a privileged user to potentially enable esEPSS 0.1%CVE-2023-34046MEDIUMVMware Fusion TOCTOU local privilege escalation vulnerabilityEPSS 0.1%CVE-2025-64118MEDIUMnode-tar vulnerable to race condition leading to uninitialized memory exposureEPSS 0.1%CVE-2024-48394HIGHA Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the driver of the NDD Print solution, which could allow an unprEPSS 0.1%CVE-2026-23554HIGHUse after free of paging structures in EPTEPSS 0.1%CVE-2025-13818HIGHLocal privilege escalation in ESET Management Agent for WindowsEPSS 0.1%CVE-2026-46227HIGHsctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALLEPSS 0.1%CVE-2026-22751MEDIUMSpring Security JdbcOneTimeTokenService allows a one-time token to authenticate multiple sessionsEPSS 0.1%CVE-2024-27361MEDIUMA vulnerability was discovered in Samsung Mobile Processor Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, ExynoEPSS 0.1%CVE-2026-7791HIGHImproper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows beforeEPSS 0.1%CVE-2026-41702HIGHTOCTOU local privilege escalation vulnerabilityEPSS 0.1%CVE-2026-20445MEDIUMIn MDDP, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has alreaEPSS 0.1%CVE-2024-36311MEDIUMA Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validEPSS 0.1%