Total
1318 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-29188 | 2024-11-21 | N/A | 7.9 HIGH | ||
| WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. The custom action behind WiX's `RemoveFolderEx` functionality could allow a standard user to delete protected directories. `RemoveFolderEx` deletes an entire directory tree during installation or uninstallation. It does so by recursing every subdirectory starting at a specified directory and adding each subdirectory to the list of directories Windows Installer should delete. If the setup author instructed `RemoveFolderEx` to delete a per-user folder from a per-machine installer, an attacker could create a directory junction in that per-user folder pointing to a per-machine, protected directory. Windows Installer, when executing the per-machine installer after approval by an administrator, would delete the target of the directory junction. This vulnerability is fixed in 3.14.1 and 4.0.5. | |||||
| CVE-2024-29069 | 1 Canonical | 1 Snapd | 2024-11-21 | N/A | 4.8 MEDIUM |
| In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image (such as icons and desktop files etc) are directly read by snapd when it is extracted. An attacker who could convince a user to install a malicious snap which contained symbolic links at these paths could then cause snapd to write out the contents of the symbolic link destination into a world-readable directory. This in-turn could allow an unprivileged user to gain access to privileged information. | |||||
| CVE-2024-28189 | 2024-11-21 | N/A | 10.0 CRITICAL | ||
| Judge0 is an open-source online code execution system. The application uses the UNIX chown command on an untrusted file within the sandbox. An attacker can abuse this by creating a symbolic link (symlink) to a file outside the sandbox, allowing the attacker to run chown on arbitrary files outside of the sandbox. This vulnerability is not impactful on it's own, but it can be used to bypass the patch for CVE-2024-28185 and obtain a complete sandbox escape. This vulnerability is fixed in 1.13.1. | |||||
| CVE-2024-28185 | 2024-11-21 | N/A | 10.0 CRITICAL | ||
| Judge0 is an open-source online code execution system. The application does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox. When executing a submission, Judge0 writes a `run_script` to the sandbox directory. The security issue is that an attacker can create a symbolic link (symlink) at the path `run_script` before this code is executed, resulting in the `f.write` writing to an arbitrary file on the unsandboxed system. An attacker can leverage this vulnerability to overwrite scripts on the system and gain code execution outside of the sandbox. | |||||
| CVE-2024-23459 | 2024-11-21 | N/A | 7.1 HIGH | ||
| An Improper Link Resolution Before File Access ('Link Following') vulnerability in Zscaler Client Connector on Mac allows a system file to be overwritten.This issue affects Zscaler Client Connector on Mac : before 3.7. | |||||
| CVE-2024-21397 | 1 Microsoft | 1 Azure File Sync | 2024-11-21 | N/A | 5.3 MEDIUM |
| Microsoft Azure File Sync Elevation of Privilege Vulnerability | |||||
| CVE-2024-21329 | 1 Microsoft | 1 Azure Connected Machine Agent | 2024-11-21 | N/A | 7.3 HIGH |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability | |||||
| CVE-2024-20656 | 1 Microsoft | 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
| Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2024-1329 | 1 Hashicorp | 1 Nomad | 2024-11-21 | N/A | 7.7 HIGH |
| HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink attacks. This vulnerability, CVE-2024-1329, is fixed in Nomad 1.7.4, 1.6.7, and 1.5.14. | |||||
| CVE-2024-0206 | 2 Microsoft, Trellix | 2 Windows, Anti-malware Engine | 2024-11-21 | N/A | 7.1 HIGH |
| A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symbolic link to files that the user wouldn't normally have permission to. After a scan, the Engine would follow the links and remove the files | |||||
| CVE-2024-0068 | 2024-11-21 | N/A | 5.5 MEDIUM | ||
| Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows File Manipulation.This issue affects Workforce Access: before 8.7.1. | |||||
| CVE-2023-7216 | 2 Gnu, Redhat | 2 Cpio, Enterprise Linux | 2024-11-21 | N/A | 5.3 MEDIUM |
| A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks. | |||||
| CVE-2023-6336 | 2 Apple, Hypr | 2 Macos, Workforce Access | 2024-11-21 | N/A | 7.2 HIGH |
| Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7. | |||||
| CVE-2023-6335 | 2 Hypr, Microsoft | 2 Workforce Access, Windows | 2024-11-21 | N/A | 6.4 MEDIUM |
| Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7. | |||||
| CVE-2023-6069 | 1 Froxlor | 1 Froxlor | 2024-11-21 | N/A | 9.9 CRITICAL |
| Improper Link Resolution Before File Access in GitHub repository froxlor/froxlor prior to 2.1.0. | |||||
| CVE-2023-5834 | 1 Hashicorp | 1 Vagrant | 2024-11-21 | N/A | 3.8 LOW |
| HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0. | |||||
| CVE-2023-52338 | 1 Trendmicro | 2 Deep Security, Deep Security Agent | 2024-11-21 | N/A | 7.8 HIGH |
| A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2023-51654 | 1 Brother | 1 Iprint\&scan | 2024-11-21 | N/A | 5.5 MEDIUM |
| Improper link resolution before file access ('Link Following') issue exists in iPrint&Scan Desktop for Windows versions 11.0.0 and earlier. A symlink attack by a malicious user may cause a Denial-of-service (DoS) condition on the PC. | |||||
| CVE-2023-4759 | 3 Apple, Eclipse, Microsoft | 3 Macos, Jgit, Windows | 2024-11-21 | N/A | 8.8 HIGH |
| Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem, or when a checkout from a clone of such a repository is performed on a case-insensitive filesystem. This can happen on checkout (DirCacheCheckout), merge (ResolveMerger via its WorkingTreeUpdater), pull (PullCommand using merge), and when applying a patch (PatchApplier). This can be exploited for remote code execution (RCE), for instance if the file written outside the working tree is a git filter that gets executed on a subsequent git command. The issue occurs only on case-insensitive filesystems, like the default filesystems on Windows and macOS. The user performing the clone or checkout must have the rights to create symbolic links for the problem to occur, and symbolic links must be enabled in the git configuration. Setting git configuration option core.symlinks = false before checking out avoids the problem. The issue was fixed in Eclipse JGit version 6.6.1.202309021850-r and 6.7.0.202309050840-r, available via Maven Central https://repo1.maven.org/maven2/org/eclipse/jgit/ and repo.eclipse.org https://repo.eclipse.org/content/repositories/jgit-releases/ . A backport is available in 5.13.3 starting from 5.13.3.202401111512-r. The JGit maintainers would like to thank RyotaK for finding and reporting this issue. | |||||
| CVE-2023-4053 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A | 6.5 MEDIUM |
| A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2. | |||||