Weaknesses of type CWE-367
507 resultsCVE-2022-27541HIGHPotential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allEPSS 0.1%CVE-2022-43777HIGHPotential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allEPSS 0.1%CVE-2022-24413MEDIUMDell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesysteEPSS 0.1%CVE-2024-41917MEDIUMTime-of-check time-of-use race condition for some Intel(R) Battery Life Diagnostic Tool software before version 2.4.1 may allow an authenticEPSS 0.1%CVE-2021-46795MEDIUMA TOCTOU (time-of-check to time-of-use) vulnerability exists where an attacker may use a compromised BIOS to cause the TEE OS to read memoryEPSS 0.1%CVE-2024-13944HIGHLink Following Local Privilege Escalation Vulnerability in NortonUtilitiesSvc in Norton Utilities Ultimate (Also affects Avast CleanUp and AVG TuneUp)EPSS 0.1%CVE-2026-43619HIGHRsync < 3.4.3 Symlink Race Condition via Path-Based SyscallsEPSS 0.1%CVE-2024-21792MEDIUMTime-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2.5.0 may allow an authenticated user to poteEPSS 0.1%CVE-2026-45619MEDIUMAVideo CVE-2026-43884 incomplete fix - `isSSRFSafeURL()` call sites still discard the `$resolvedIP` out-param at master HEAD postEPSS 0.1%CVE-2022-43779HIGHA potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (systeEPSS 0.1%CVE-2022-30283HIGHIn UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTEPSS 0.1%CVE-2022-33909HIGHDMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOEPSS 0.1%CVE-2022-30773MEDIUMDMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after parameter values have been checked but beforEPSS 0.1%CVE-2022-32477HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM EPSS 0.1%CVE-2022-32473HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMEPSS 0.1%CVE-2025-30101MEDIUMDell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauEPSS 0.1%CVE-2022-32469HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM codEPSS 0.1%CVE-2022-33905HIGHDMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption (a TOCTOU attEPSS 0.1%CVE-2022-32954HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.1 through 5.5. DMA attacks on the SdMmcDevice buffer used by SMM and non-SMM code EPSS 0.1%CVE-2022-34325HIGHDMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe software SMI handler could cause SMRAM corruptioEPSS 0.1%