Falhas do tipo CWE-367

504 resultados
CVE-2019-11774Prior to 0.1, all builds of Eclipse OMR contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop EPSS 0.7%CVE-2023-38041HIGHA logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flEPSS 0.7%CVE-2024-30471MEDIUMApache StreamPipes: Potential creation of multiple identical accountsEPSS 0.7%CVE-2022-26387HIGHWhen installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underEPSS 0.7%CVE-2022-22753HIGHA Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrarEPSS 0.6%CVE-2023-38141HIGHWindows Kernel Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2024-27297MEDIUMNix Corruption of fixed-output derivationsEPSS 0.6%CVE-2025-49730HIGHMicrosoft Windows QoS Scheduler Driver Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2023-0778MEDIUMA Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume wiEPSS 0.5%CVE-2024-30099HIGHWindows Kernel Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2024-27114HIGHRemote Code Execution through File Upload in SOPlanning before 1.52.02EPSS 0.5%CVE-2022-34830HIGHAn Arm product family through 2022-06-29 has a TOCTOU Race Condition that allows non-privileged user to make improper GPU processing operatiEPSS 0.5%CVE-2023-21537HIGHMicrosoft Message Queuing (MSMQ) Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2024-38153HIGHWindows Kernel Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2025-3464HIGHA race condition vulnerability exists in Armoury Crate. This vulnerability arises from a Time-of-check Time-of-use issue, potentially leadinEPSS 0.5%CVE-2024-1729MEDIUMTiming Attack Vulnerability in gradio-app/gradioEPSS 0.5%CVE-2024-39936HIGHAn issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6EPSS 0.5%CVE-2024-49768CRITICALWaitress has request processing race condition in HTTP pipelining with invalid first requestEPSS 0.5%CVE-2026-25641CRITICALSandboxJS has a sandbox escape via TOCTOU bug on keys in property accessesEPSS 0.5%CVE-2022-48618HIGHThe issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. AEPSS 0.5%KEV