Total
925 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-24577 | 1 Mcafee | 1 Total Protection | 2023-03-22 | N/A | 5.5 MEDIUM |
McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys. This could enable a user with lower privileges to execute unauthorized tasks. | |||||
CVE-2019-0841 | 1 Microsoft | 6 Windows 10 1703, Windows 10 1709, Windows 10 1803 and 3 more | 2023-03-20 | 7.2 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836. | |||||
CVE-2023-25148 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2023-03-16 | N/A | 7.8 HIGH |
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to exploit the vulnerability by changing a specific file into a pseudo-symlink, allowing privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2023-25146 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2023-03-16 | N/A | 7.8 HIGH |
A security agent link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to quarantine a file, delete the original folder and replace with a junction to an arbitrary location, ultimately leading to an arbitrary file dropped to an arbitrary location. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2023-25145 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2023-03-16 | N/A | 7.8 HIGH |
A link following vulnerability in the scanning function of Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2022-22582 | 1 Apple | 2 Mac Os X, Macos | 2023-03-07 | N/A | 5.5 MEDIUM |
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5, macOS Monterey 12.3. A local user may be able to write arbitrary files. | |||||
CVE-2022-45697 | 1 Razer | 1 Razer Central | 2023-03-06 | N/A | 7.8 HIGH |
Arbitrary File Delete vulnerability in Razer Central before v7.8.0.381 when handling files in the Accounts directory. | |||||
CVE-2022-41973 | 3 Debian, Fedoraproject, Opensvc | 3 Debian Linux, Fedora, Multipath-tools | 2023-03-02 | N/A | 7.8 HIGH |
multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root. | |||||
CVE-2023-23558 | 1 Eternal Terminal Project | 1 Eternal Terminal | 2023-02-27 | N/A | 6.3 MEDIUM |
In Eternal Terminal 6.2.1, TelemetryService uses fixed paths in /tmp. For example, a local attacker can create /tmp/.sentry-native-etserver with mode 0777 before the etserver process is started. The attacker can choose to read sensitive information from that file, or modify the information in that file. | |||||
CVE-2023-25152 | 1 Pterodactyl | 1 Wings | 2023-02-23 | N/A | 8.8 HIGH |
Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their containers to privileged mode, or potentially add ssh authorized keys to allow the attacker access to a remote shell on the target machine. In order to use this exploit, an attacker must have an existing "server" allocated and controlled by the Wings Daemon. This vulnerability has been resolved in version `v1.11.3` of the Wings Daemon, and has been back-ported to the 1.7 release series in `v1.7.3`. Anyone running `v1.11.x` should upgrade to `v1.11.3` and anyone running `v1.7.x` should upgrade to `v1.7.3`. There are no known workarounds for this vulnerability. ### Workarounds None at this time. | |||||
CVE-2018-1634 | 1 Ibm | 1 Informix Dynamic Server | 2023-02-23 | 7.2 HIGH | 6.7 MEDIUM |
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in infos.DBSERVERNAME. IBM X-Force ID: 144437. | |||||
CVE-2018-1633 | 1 Ibm | 1 Informix Dynamic Server | 2023-02-23 | 7.2 HIGH | 6.7 MEDIUM |
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onsrvapd. IBM X-Force ID: 144434. | |||||
CVE-2018-1632 | 1 Ibm | 1 Informix Dynamic Server | 2023-02-23 | 7.2 HIGH | 6.7 MEDIUM |
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in .infxdirs. IBM X-Force ID: 144432. | |||||
CVE-2018-1631 | 1 Ibm | 1 Informix Dynamic Server | 2023-02-23 | 7.2 HIGH | 6.7 MEDIUM |
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in oninit mongohash. IBM X-Force ID: 144431. | |||||
CVE-2018-1630 | 1 Ibm | 1 Informix Dynamic Server | 2023-02-23 | 7.2 HIGH | 6.7 MEDIUM |
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onmode. IBM X-Force ID: 144430. | |||||
CVE-2023-22490 | 1 Git-scm | 1 Git | 2023-02-23 | N/A | 5.5 MEDIUM |
Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253. A fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs. | |||||
CVE-2023-24572 | 1 Dell | 1 Command \| Integration Suite For System Center | 2023-02-22 | N/A | 3.3 LOW |
Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. | |||||
CVE-2023-23697 | 1 Dell | 1 Command \| Intel Vpro Out Of Band | 2023-02-22 | N/A | 3.3 LOW |
Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. | |||||
CVE-2021-37712 | 5 Debian, Microsoft, Npmjs and 2 more | 5 Debian Linux, Windows, Tar and 2 more | 2023-02-22 | 4.4 MEDIUM | 8.6 HIGH |
The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with names containing unicode values that normalized to the same value. Additionally, on Windows systems, long path portions would resolve to the same file system entities as their 8.3 "short path" counterparts. A specially crafted tar archive could thus include a directory with one form of the path, followed by a symbolic link with a different string that resolves to the same file system entity, followed by a file using the first form. By first creating a directory, and then replacing that directory with a symlink that had a different apparent name that resolved to the same entry in the filesystem, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. These issues were addressed in releases 4.4.18, 5.0.10 and 6.1.9. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. If this is not possible, a workaround is available in the referenced GHSA-qq89-hq3f-393p. | |||||
CVE-2022-42292 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2023-02-22 | N/A | 7.8 HIGH |
NVIDIA GeForce Experience contains a vulnerability in the NVContainer component, where a user without administrator privileges can create a symbolic link to a file that requires elevated privileges to write to or modify, which may lead to denial of service, escalation of privilege or limited data tampering. |