Total
1363 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-1136 | 2 Debian, Tesseract Project | 2 Debian Linux, Tesseract | 2024-11-21 | 6.3 MEDIUM | 4.7 MEDIUM |
| In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file. | |||||
| CVE-2010-4817 | 2 Debian, Pithos Project | 2 Debian Linux, Pithos | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| pithos before 0.3.5 allows overwrite of arbitrary files via symlinks. | |||||
| CVE-2010-3095 | 1 Mailscanner | 1 Mailscanner | 2024-11-21 | 3.3 LOW | 4.7 MEDIUM |
| mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files. NOTE: this issue exists because of an incomplete fix for CVE-2008-5313. | |||||
| CVE-2010-2064 | 1 Rpcbind Project | 1 Rpcbind | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| rpcbind 0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr. | |||||
| CVE-2010-0398 | 1 Autokey Project | 1 Autokey | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| The init script in autokey before 0.61.3-2 allows local attackers to write to arbitrary files via a symlink attack. | |||||
| CVE-2009-0035 | 1 Alsa-project | 1 Alsa | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink attack via the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts. | |||||
| CVE-2008-7273 | 1 Getfiregpg | 1 Iceweasel-firegpg | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling. | |||||
| CVE-2024-49051 | 1 Microsoft | 1 Pc Manager | 2024-11-18 | N/A | 7.8 HIGH |
| Microsoft PC Manager Elevation of Privilege Vulnerability | |||||
| CVE-2024-51721 | 2024-11-13 | N/A | 7.3 HIGH | ||
| A code injection vulnerability in the SecuSUITE Server Web Administration Portal of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially inject script commands or other executable content into the server that would run with root privilege. | |||||
| CVE-2024-45770 | 2024-11-12 | N/A | 4.4 MEDIUM | ||
| A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges. | |||||
| CVE-2024-45315 | 2024-11-01 | N/A | 5.5 MEDIUM | ||
| The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to create arbitrary folders and files, potentially leading to local Denial of Service (DoS) attack. | |||||
| CVE-2024-43501 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-10-17 | N/A | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-43603 | 1 Microsoft | 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more | 2024-10-17 | N/A | 5.5 MEDIUM |
| Visual Studio Collector Service Denial of Service Vulnerability | |||||
| CVE-2024-43551 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2024-10-17 | N/A | 7.8 HIGH |
| Windows Storage Elevation of Privilege Vulnerability | |||||
| CVE-2024-38097 | 1 Microsoft | 1 Azure Monitor Agent | 2024-10-16 | N/A | 7.1 HIGH |
| Azure Monitor Agent Elevation of Privilege Vulnerability | |||||
| CVE-2024-45316 | 2024-10-15 | N/A | 7.8 HIGH | ||
| The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack. | |||||
| CVE-2024-27458 | 2024-10-07 | N/A | 8.8 HIGH | ||
| A potential security vulnerability has been identified in the HP Hotkey Support software, which might allow local escalation of privilege. HP is releasing mitigation for the potential vulnerability. Customers using HP Programmable Key are recommended to update HP Hotkey Support. | |||||
| CVE-2024-38188 | 1 Microsoft | 1 Azure Network Watcher Agent | 2024-09-17 | N/A | 7.1 HIGH |
| Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | |||||
| CVE-2024-43470 | 1 Microsoft | 1 Azure Network Watcher Agent | 2024-09-17 | N/A | 7.3 HIGH |
| Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | |||||
| CVE-2024-39578 | 1 Dell | 1 Powerscale Onefs | 2024-09-03 | N/A | 6.3 MEDIUM |
| Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering. | |||||