Vulnerabilities (CVE)

Filtered by CWE-59
Total 1156 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-36399 1 Microsoft 4 Windows 11 21h2, Windows 11 22h2, Windows 11 23h2 and 1 more 2024-11-21 N/A 7.1 HIGH
Windows Storage Elevation of Privilege Vulnerability
CVE-2023-36394 1 Microsoft 9 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 6 more 2024-11-21 N/A 7.0 HIGH
Windows Search Service Elevation of Privilege Vulnerability
CVE-2023-36391 1 Microsoft 1 Windows 11 23h2 2024-11-21 N/A 7.8 HIGH
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
CVE-2023-36047 1 Microsoft 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more 2024-11-21 N/A 7.8 HIGH
Windows Authentication Elevation of Privilege Vulnerability
CVE-2023-36046 1 Microsoft 4 Windows 11 21h2, Windows 11 22h2, Windows 11 23h2 and 1 more 2024-11-21 N/A 7.1 HIGH
Windows Authentication Denial of Service Vulnerability
CVE-2023-35633 1 Microsoft 3 Windows 10 1507, Windows Server 2008, Windows Server 2012 2024-11-21 N/A 7.8 HIGH
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-35624 1 Microsoft 1 Azure Connected Machine Agent 2024-11-21 N/A 7.3 HIGH
Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVE-2023-35379 1 Microsoft 1 Windows Server 2008 2024-11-21 N/A 7.8 HIGH
Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability
CVE-2023-35353 1 Microsoft 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more 2024-11-21 N/A 7.8 HIGH
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
CVE-2023-35347 1 Microsoft 5 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 2 more 2024-11-21 N/A 7.1 HIGH
Microsoft Install Service Elevation of Privilege Vulnerability
CVE-2023-35342 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-11-21 N/A 7.8 HIGH
Windows Image Acquisition Elevation of Privilege Vulnerability
CVE-2023-35320 1 Microsoft 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more 2024-11-21 N/A 7.8 HIGH
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
CVE-2023-34723 1 Jaycar 2 La5570, La5570 Firmware 2024-11-21 N/A 7.5 HIGH
An issue was discovered in TechView LA-5570 Wireless Gateway 1.0.19_T53, allows attackers to gain sensitive information via /config/system.conf.
CVE-2023-34283 2024-11-21 N/A 4.6 MEDIUM
NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability. This vulnerability allows physically present attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of symbolic links on removable USB media. By creating a symbolic link, an attacker can abuse the router's web server to access arbitrary local files. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-19498.
CVE-2023-34204 1 Imapsync Project 1 Imapsync 2024-11-21 N/A 6.5 MEDIUM
imapsync through 2.229 uses predictable paths under /tmp and /var/tmp in its default mode of operation. Both of these are typically world-writable, and thus (for example) an attacker can modify imapsync's cache and overwrite files belonging to the user who runs it.
CVE-2023-33865 1 Renderdoc 1 Renderdoc 2024-11-21 N/A 7.8 HIGH
RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership.
CVE-2023-33245 1 Minecraft 1 Minecraft 2024-11-21 N/A 8.8 HIGH
Minecraft through 1.19 and 1.20 pre-releases before 7 (Java) allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink.
CVE-2023-33148 1 Microsoft 2 365 Apps, Office 2024-11-21 N/A 7.8 HIGH
Microsoft Office Elevation of Privilege Vulnerability
CVE-2023-32556 2 Microsoft, Trendmicro 2 Windows, Apex One 2024-11-21 N/A 5.5 MEDIUM
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2023-32474 1 Dell 1 Display Manager 2024-11-21 N/A 6.6 MEDIUM
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion