Total
1140 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-11538 | 1 Ivanti | 1 Connect Secure | 2024-02-27 | 4.0 MEDIUM | 7.7 HIGH |
| In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1, an NFS problem could allow an authenticated attacker to access the contents of arbitrary files on the affected device. | |||||
| CVE-2022-40710 | 2 Microsoft, Trendmicro | 2 Windows, Deep Security Agent | 2024-02-27 | N/A | 7.8 HIGH |
| A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2020-27833 | 1 Redhat | 1 Openshift Container Platform | 2024-02-21 | 4.6 MEDIUM | 7.1 HIGH |
| A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links. The vulnerability is limited to the command `oc image extract`. If a symbolic link is first created pointing within the tarball, this allows further symbolic links to bypass the existing path check. This flaw allows the tarball to create links outside the tarball's parent directory, allowing for executables or configuration files to be overwritten, resulting in arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions up to and including openshift-clients-4.7.0-202104250659.p0.git.95881af are affected. | |||||
| CVE-2021-21272 | 1 Deislabs | 1 Oras | 2024-02-21 | 4.0 MEDIUM | 7.7 HIGH |
| ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the downloaded gzipped tarballs to be automatically extracted to the user-specified directory where the tarball can have symbolic links and hard links. A well-crafted tarball or tarballs allow malicious artifact providers linking, writing, or overwriting specific files on the host filesystem outside of the user-specified directory unexpectedly with the same permissions as the user who runs `oras pull`. Users of the affected versions are impacted if they are `oras` CLI users who runs `oras pull`, or if they are Go programs, which invoke `github.com/deislabs/oras/pkg/content.FileStore`. The problem has been fixed in version 0.9.0. For `oras` CLI users, there is no workarounds other than pulling from a trusted artifact provider. For `oras` package users, the workaround is to not use `github.com/deislabs/oras/pkg/content.FileStore`, and use other content stores instead, or pull from a trusted artifact provider. | |||||
| CVE-2002-0725 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-21 | 4.6 MEDIUM | 5.5 MEDIUM |
| NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file. | |||||
| CVE-2003-0844 | 1 Schroepl | 1 Mod Gzip | 2024-02-16 | 2.1 LOW | 7.1 HIGH |
| mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled. | |||||
| CVE-2003-1233 | 1 Pedestalsoftware | 1 Integrity Protection Driver | 2024-02-16 | 2.1 LOW | 9.8 CRITICAL |
| Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to (1) \Device\PhysicalMemory or (2) to a drive letter using the subst command. | |||||
| CVE-2022-31216 | 1 Abb | 3 Automation Builder, Drive Composer, Mint Workbench | 2024-02-15 | 7.2 HIGH | 7.8 HIGH |
| Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product. | |||||
| CVE-2023-32454 | 1 Dell | 1 Update Package Framework | 2024-02-13 | N/A | 7.1 HIGH |
| DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service | |||||
| CVE-2023-32474 | 1 Dell | 1 Display Manager | 2024-02-12 | N/A | 6.6 MEDIUM |
| Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion | |||||
| CVE-2015-3629 | 2 Docker, Opensuse | 2 Libcontainer, Opensuse | 2024-02-02 | 7.2 HIGH | 7.8 HIGH |
| Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container. | |||||
| CVE-2000-0342 | 1 Qualcomm | 1 Eudora | 2024-02-02 | 5.0 MEDIUM | 7.5 HIGH |
| Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment." | |||||
| CVE-2001-1042 | 1 Transsoft | 1 Broker Ftp Server | 2024-02-02 | 5.0 MEDIUM | 7.5 HIGH |
| Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | |||||
| CVE-2001-1043 | 1 Argosoft | 1 Ftp Server | 2024-02-02 | 5.0 MEDIUM | 7.5 HIGH |
| ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | |||||
| CVE-2005-0587 | 1 Mozilla | 2 Firefox, Mozilla | 2024-02-02 | 2.6 LOW | 6.5 MEDIUM |
| Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file. | |||||
| CVE-2001-1386 | 1 Texasimperialsoftware | 1 Wftpd | 2024-02-02 | 5.0 MEDIUM | 7.5 HIGH |
| WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension. | |||||
| CVE-2023-2939 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-01-31 | N/A | 7.8 HIGH |
| Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium) | |||||
| CVE-2023-47192 | 1 Trendmicro | 1 Apex One | 2024-01-30 | N/A | 7.8 HIGH |
| An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2023-52094 | 1 Trendmicro | 1 Apex One | 2024-01-30 | N/A | 7.8 HIGH |
| An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to delete an arbitrary folder, leading for a local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2023-52092 | 1 Trendmicro | 1 Apex One | 2024-01-29 | N/A | 7.8 HIGH |
| A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||