Total
1417 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-24559 | 3 Apple, Microsoft, Trendmicro | 6 Macos, Windows, Apex One and 3 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS may allow an attacker to manipulate a certain binary to load and run a script from a user-writable folder, which then would allow them to execute arbitrary code as root. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
|
|||||
| CVE-2020-24556 | 3 Apple, Microsoft, Trendmicro | 5 Macos, Windows, Apex One and 2 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A vulnerability in Trend Micro Apex One, OfficeScan XG SP1, Worry-Free Business Security 10 SP1 and Worry-Free Business Security Services on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Please note that version 1909 (OS Build 18363.719) of ...
Show More |
|||||
| CVE-2020-24332 | 2 Fedoraproject, Trustedcomputinggroup | 2 Fedora, Trousers | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack.
|
|||||
| CVE-2020-23968 | 1 Ilex | 1 International Sign\&go | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a symlink attack on ProgramData\Ilex\S&G\Logs\000-sngWSService1.log.
|
|||||
| CVE-2020-1885 | 1 Oculus | 1 Desktop | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file.
|
|||||
| CVE-2020-17365 | 1 Pango | 1 Hotspot Shield | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Improper directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and earlier may allow an authorized user to potentially enable escalation of privilege via local access. The vulnerability allows a local user to corrupt system files: a local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.
|
|||||
| CVE-2020-16007 | 3 Debian, Google, Opensuse | 4 Debian Linux, Chrome, Backports Sle and 1 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
|
|||||
| CVE-2020-15932 | 1 Overwolf | 1 Overwolf | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
Overwolf before 0.149.2.30 mishandles Symbolic Links during updates, causing elevation of privileges.
|
|||||
| CVE-2020-15401 | 1 Iobit | 1 Malware Fighter | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain privileges for file deletion by manipulating malicious flagged file locations with an NTFS junction and an Object Manager symbolic link.
|
|||||
| CVE-2020-15076 | 1 Openvpn | 1 Private Tunnel | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp.
|
|||||
| CVE-2020-15075 | 1 Openvpn | 1 Connect | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it should not have access via symlinks in /tmp.
|
|||||
| CVE-2020-14990 | 1 Iobit | 1 Advanced Systemcare | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link.
|
|||||
| CVE-2020-14367 | 3 Canonical, Fedoraproject, Tuxfamily | 3 Ubuntu Linux, Fedora, Chrony | 2024-11-21 | 3.6 LOW | 6.0 MEDIUM |
|
A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it's opened for writing, chronyd does not check for an existing symbolic link with the same file name. This flaw allows an attacker with privileged access to create a symlink with the default PID file name pointing to any destination file in the system, resulting in data loss and a denial of service ...
Show More |
|||||
| CVE-2020-14004 | 2 Icinga, Opensuse | 3 Icinga, Backports Sle, Leap | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the icinga2 systemd service) executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an unprivileged user by default. If /run/icinga2/cmd is a symlink, then it will by followed and arbitrary files can be changed to mode 2750 by the unprivileged icinga2 user.
|
|||||
| CVE-2020-13833 | 1 Google | 1 Android | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The system area allows arbitrary file overwrites via a symlink attack. The Samsung ID is SVE-2020-17183 (June 2020).
|
|||||
| CVE-2020-13095 | 1 Obdev | 1 Little Snitch | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user. This allowed the user to escalate to root by linking the path to a directory containing code executed by root.
|
|||||
| CVE-2020-12878 | 1 Digi | 2 Connectport X2e, Connectport X2e Firmware | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory.
|
|||||
| CVE-2020-12265 | 1 Decompress Project | 1 Decompress | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The decompress package before 4.2.1 for Node.js is vulnerable to Arbitrary File Write via ../ in an archive member, when a symlink is used, because of Directory Traversal.
|
|||||
| CVE-2020-12254 | 1 Avira | 1 Antivirus | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink.
|
|||||
| CVE-2020-11736 | 3 Canonical, Debian, Gnome | 3 Ubuntu Linux, Debian Linux, File-roller | 2024-11-21 | 3.3 LOW | 3.9 LOW |
|
fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.
|
|||||
| CVE-2020-11474 | 1 Ncp-e | 1 Secure Enterprise Client | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NCP Secure Enterprise Client before 10.15 r47589 allows a symbolic link attack on enumusb.reg via Support Assistant.
|
|||||
| CVE-2020-11446 | 1 Eset | 8 Antivirus And Antispyware, Endpoint Antivirus, Endpoint Security and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these links into files that would normally not be write-able by the user, thus achieving privilege escalation.
|
|||||
| CVE-2020-11443 | 1 Zoom | 1 It Installer | 2024-11-21 | 8.5 HIGH | 8.1 HIGH |
|
The Zoom IT installer for Windows (ZoomInstallerFull.msi) prior to version 4.6.10 deletes files located in %APPDATA%\Zoom before installing an updated version of the client. Standard users are able to write to this directory, and can write links to other directories on the machine. As the installer runs with SYSTEM privileges and follows these links, a user can cause the installer to delete files that otherwise cannot be deleted by the user.
|
|||||
| CVE-2020-10947 | 1 Sophos | 2 Anti-virus For Sophos Central, Anti-virus For Sophos Home | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Mac Endpoint for Sophos Central before 9.9.6 and Mac Endpoint for Sophos Home before 2.2.6 allow Privilege Escalation.
|
|||||
| CVE-2020-10665 | 1 Docker | 1 Desktop | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the collection of diagnostics with Administrator privileges, leading to arbitrary DACL permissions overwrites and arbitrary file writes. This affects Docker Desktop Enterprise before 2.1.0.9, Docker Desktop for Windows Stable before 2.2.0.4, and Docker Desktop for Windows Edge before 2.2.2.0.
|
|||||
| CVE-2020-10174 | 3 Canonical, Fedoraproject, Timeshift Project | 3 Ubuntu Linux, Fedora, Timeshift | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because Timeshift also executes scripts under this location, an attacker can attempt to win a race condition to replace scripts created by Timeshift with attacker-controlled scripts. Upon success, an attacker-controlled script is executed with full root privi ...
Show More |
|||||
| CVE-2020-10003 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges.
|
|||||
| CVE-2020-0789 | 1 Microsoft | 1 Visual Studio 2019 | 2024-11-21 | 6.6 MEDIUM | 7.1 HIGH |
|
A denial of service vulnerability exists when the Visual Studio Extension Installer Service improperly handles hard links, aka 'Visual Studio Extension Installer Service Denial of Service Vulnerability'.
|
|||||
| CVE-2020-0779 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0798, CVE-2020-0814, CVE-2020-0842, CVE-2020-0843.
|
|||||
| CVE-2020-0730 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.
|
|||||
| CVE-2020-0616 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'.
|
|||||
| CVE-2019-9949 | 1 Westerndigital | 18 My Cloud, My Cloud Dl2100, My Cloud Dl2100 Firmware and 15 more | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the "cgi_untar" command. Other co ...
Show More |
|||||
| CVE-2019-8789 | 1 Apple | 3 Ipados, Iphone Os, Mac Os X | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Parsing a maliciously crafted iBooks file may lead to disclosure of user information.
|
|||||
| CVE-2019-8568 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system.
|
|||||
| CVE-2019-8463 | 1 Checkpoint | 1 Endpoint Security Clients | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations.
|
|||||
| CVE-2019-8455 | 1 Checkpoint | 1 Zonealarm | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.
|
|||||
| CVE-2019-8454 | 2 Checkpoint, Microsoft | 2 Endpoint Security, Windows | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system.
|
|||||
| CVE-2019-8452 | 1 Checkpoint | 2 Endpoint Security, Zonealarm | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.
|
|||||
| CVE-2019-8372 | 1 Lg | 1 Lha.sys | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges. This occurs because the device object has an associated symbolic link and an open DACL.
|
|||||
| CVE-2019-7183 | 1 Qnap | 1 Qts | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This improper link resolution vulnerability allows remote attackers to access system files. To fix this vulnerability, QNAP recommend updating QTS to their latest versions.
|
|||||