Falhas do tipo CWE-367
504 resultadosCVE-2022-31637HIGHPotential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allEPSS 0.1%CVE-2026-34452MEDIUMClaude SDK for Python: Memory Tool Path Validation Race Condition Allows Sandbox EscapeEPSS 0.1%CVE-2021-46795MEDIUMA TOCTOU (time-of-check to time-of-use) vulnerability exists where an attacker may use a compromised BIOS to cause the TEE OS to read memoryEPSS 0.1%CVE-2024-13944HIGHLink Following Local Privilege Escalation Vulnerability in NortonUtilitiesSvc in Norton Utilities Ultimate (Also affects Avast CleanUp and AVG TuneUp)EPSS 0.1%CVE-2022-24413MEDIUMDell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesysteEPSS 0.1%CVE-2024-41917MEDIUMTime-of-check time-of-use race condition for some Intel(R) Battery Life Diagnostic Tool software before version 2.4.1 may allow an authenticEPSS 0.1%CVE-2022-43779HIGHA potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (systeEPSS 0.1%CVE-2024-21792MEDIUMTime-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2.5.0 may allow an authenticated user to poteEPSS 0.1%CVE-2026-45619MEDIUMAVideo CVE-2026-43884 incomplete fix - `isSSRFSafeURL()` call sites still discard the `$resolvedIP` out-param at master HEAD postEPSS 0.1%CVE-2026-43619HIGHRsync < 3.4.3 Symlink Race Condition via Path-Based SyscallsEPSS 0.1%CVE-2022-30283HIGHIn UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTEPSS 0.1%CVE-2022-32474HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by EPSS 0.1%CVE-2022-34325HIGHDMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe software SMI handler could cause SMRAM corruptioEPSS 0.1%CVE-2022-32267MEDIUMDMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software SMI handler cause SMRAM corruption (a TOCTOU EPSS 0.1%CVE-2022-32470HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and EPSS 0.1%CVE-2022-32475HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the VariableRuntimeDxe shared buffer used by SMM andEPSS 0.1%CVE-2026-32979HIGHOpenClaw < 2026.3.11 - Unbound Interpreter and Runtime Commands Bypass in node-host ApprovalEPSS 0.1%CVE-2024-37181LOWTime-of-check time-of-use race condition in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to EPSS 0.1%CVE-2022-32954HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.1 through 5.5. DMA attacks on the SdMmcDevice buffer used by SMM and non-SMM code EPSS 0.1%CVE-2022-32477HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM EPSS 0.1%