Total
1092 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-21838 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
Windows Cleanup Manager Elevation of Privilege Vulnerability | |||||
CVE-2021-1612 | 1 Cisco | 1 Sd-wan | 2024-02-04 | 6.6 MEDIUM | 7.1 HIGH |
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device. | |||||
CVE-2021-37969 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Chrome and 1 more | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file. | |||||
CVE-2021-44038 | 1 Quagga | 1 Quagga | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users (with control of the non-root-owned directory /etc/quagga) to escalate their privileges to root upon package installation or update. | |||||
CVE-2021-22488 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups. | |||||
CVE-2021-45231 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Worry-free Business Security and 1 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to create a specially crafted file with arbitrary content which could grant local privilege escalation on the affected system. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2021-45442 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Worry-free Business Security and 1 more | 2024-02-04 | 6.6 MEDIUM | 7.1 HIGH |
A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. This is similar to, but not the same as CVE-2021-44024. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2021-36286 | 1 Dell | 1 Supportassist Client Consumer | 2024-02-04 | 3.6 LOW | 7.1 HIGH |
Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by any(non-privileged) user under some object directories, but by themselves are not sufficient to successfully escalate privileges. However, combining them with a different object, such as the NTFS junction point allows for the exploitation. Support assist clean files functionality do not distinguish junction points from the physical folder and proceeds to clean the target of the junction that allows nonprivileged users to create junction points and delete arbitrary files on the system which can be accessed only by the admin. | |||||
CVE-2021-42297 | 1 Microsoft | 1 Windows 10 Update Assistant | 2024-02-04 | 6.9 MEDIUM | 5.0 MEDIUM |
Windows 10 Update Assistant Elevation of Privilege Vulnerability | |||||
CVE-2021-21691 | 1 Jenkins | 1 Jenkins | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Creating symbolic links is possible without the 'symlink' agent-to-controller access control permission in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. | |||||
CVE-2021-43238 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
Windows Remote Access Elevation of Privilege Vulnerability | |||||
CVE-2021-34408 | 1 Zoom | 1 Meetings | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
The Zoom Client for Meetings for Windows in all versions before version 5.3.2 writes log files to a user writable directory as a privileged user during the installation or update of the client. This could allow for potential privilege escalation if a link was created between the user writable directory used and a non-user writable directory. | |||||
CVE-2021-21695 | 1 Jenkins | 1 Jenkins | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
FilePath#listFiles lists files outside directories that agents are allowed to access when following symbolic links in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. | |||||
CVE-2021-20153 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2024-02-04 | 6.9 MEDIUM | 6.8 MEDIUM |
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. If enabled, the bittorrent functionality is vulnerable to a symlink attack that could lead to remote code execution on the device. If an end user inserts a flash drive with a malicious symlink on it that the bittorrent client can write downloads to, then a user is able to download arbitrary files to any desired location on the devices filesystem, which could lead to remote code execution. Example directories vulnerable to this include "config", "downloads", and "torrents", though it should be noted that "downloads" is the only vector that allows for arbitrary files to be downloaded to arbitrary locations. | |||||
CVE-2022-21997 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-02-04 | 3.6 LOW | 7.1 HIGH |
Windows Print Spooler Elevation of Privilege Vulnerability | |||||
CVE-2022-21895 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Server and 3 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
Windows User Profile Service Elevation of Privilege Vulnerability | |||||
CVE-2021-44023 | 2 Microsoft, Trendmicro | 5 Windows, Antivirus\+ Security 2021, Internet Security 2021 and 2 more | 2024-02-04 | 3.6 LOW | 7.1 HIGH |
A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a denial-of-service. | |||||
CVE-2021-21686 | 1 Jenkins | 1 Jenkins | 2024-02-04 | 5.8 MEDIUM | 8.1 HIGH |
File path filters in the agent-to-controller security subsystem of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories. | |||||
CVE-2021-44024 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Worry-free Business Security and 1 more | 2024-02-04 | 6.6 MEDIUM | 7.1 HIGH |
A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2021-3641 | 2 Bitdefender, Microsoft | 2 Gravityzone, Windows | 2024-02-04 | 3.6 LOW | 6.1 MEDIUM |
Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33 and prior versions. |