Total
1156 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-38022 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.0 HIGH |
Windows Image Acquisition Elevation of Privilege Vulnerability | |||||
CVE-2024-38013 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 6.7 MEDIUM |
Microsoft Windows Server Backup Elevation of Privilege Vulnerability | |||||
CVE-2024-36306 | 1 Trendmicro | 1 Apex One | 2024-11-21 | N/A | 6.1 MEDIUM |
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2024-36305 | 1 Trendmicro | 1 Apex One | 2024-11-21 | N/A | 7.8 HIGH |
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2024-35261 | 1 Microsoft | 1 Azure Network Watcher Agent | 2024-11-21 | N/A | 7.8 HIGH |
Azure Network Watcher VM Extension Elevation of Privilege Vulnerability | |||||
CVE-2024-35254 | 1 Microsoft | 1 Azure Monitor Agent | 2024-11-21 | N/A | 7.1 HIGH |
Azure Monitor Agent Elevation of Privilege Vulnerability | |||||
CVE-2024-35253 | 1 Microsoft | 1 Azure File Sync | 2024-11-21 | N/A | 4.4 MEDIUM |
Microsoft Azure File Sync Elevation of Privilege Vulnerability | |||||
CVE-2024-35235 | 2024-11-21 | N/A | 4.4 MEDIUM | ||
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Given that cupsd is often running as root, this can result in the change of permission of any user or system files to be world writable. Given the aforementioned Ubuntu AppArmor context, on such systems this vulnerability is limited to those files modifiable by the cupsd process. In that specific case it was found to be possible to turn the configuration of the Listen argument into full control over the cupsd.conf and cups-files.conf configuration files. By later setting the User and Group arguments in cups-files.conf, and printing with a printer configured by PPD with a `FoomaticRIPCommandLine` argument, arbitrary user and group (not root) command execution could be achieved, which can further be used on Ubuntu systems to achieve full root command execution. Commit ff1f8a623e090dee8a8aadf12a6a4b25efac143d contains a patch for the issue. | |||||
CVE-2024-32002 | 1 Git | 1 Git | 2024-11-21 | N/A | 9.0 CRITICAL |
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources. | |||||
CVE-2024-31952 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.) | |||||
CVE-2024-30104 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | N/A | 7.8 HIGH |
Microsoft Office Remote Code Execution Vulnerability | |||||
CVE-2024-30093 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-11-21 | N/A | 7.3 HIGH |
Windows Storage Elevation of Privilege Vulnerability | |||||
CVE-2024-30076 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2024-11-21 | N/A | 6.8 MEDIUM |
Windows Container Manager Service Elevation of Privilege Vulnerability | |||||
CVE-2024-30065 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 5.5 MEDIUM |
Windows Themes Denial of Service Vulnerability | |||||
CVE-2024-30060 | 2024-11-21 | N/A | 7.8 HIGH | ||
Azure Monitor Agent Elevation of Privilege Vulnerability | |||||
CVE-2024-30033 | 2024-11-21 | N/A | 7.0 HIGH | ||
Windows Search Service Elevation of Privilege Vulnerability | |||||
CVE-2024-30018 | 2024-11-21 | N/A | 7.8 HIGH | ||
Windows Kernel Elevation of Privilege Vulnerability | |||||
CVE-2024-29989 | 2024-11-21 | N/A | 8.4 HIGH | ||
Azure Monitor Agent Elevation of Privilege Vulnerability | |||||
CVE-2024-29188 | 2024-11-21 | N/A | 7.9 HIGH | ||
WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. The custom action behind WiX's `RemoveFolderEx` functionality could allow a standard user to delete protected directories. `RemoveFolderEx` deletes an entire directory tree during installation or uninstallation. It does so by recursing every subdirectory starting at a specified directory and adding each subdirectory to the list of directories Windows Installer should delete. If the setup author instructed `RemoveFolderEx` to delete a per-user folder from a per-machine installer, an attacker could create a directory junction in that per-user folder pointing to a per-machine, protected directory. Windows Installer, when executing the per-machine installer after approval by an administrator, would delete the target of the directory junction. This vulnerability is fixed in 3.14.1 and 4.0.5. | |||||
CVE-2024-29069 | 1 Canonical | 1 Snapd | 2024-11-21 | N/A | 4.8 MEDIUM |
In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image (such as icons and desktop files etc) are directly read by snapd when it is extracted. An attacker who could convince a user to install a malicious snap which contained symbolic links at these paths could then cause snapd to write out the contents of the symbolic link destination into a world-readable directory. This in-turn could allow an unprivileged user to gain access to privileged information. |