Total
1245 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-27643 | 1 1e | 1 Client | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| The %PROGRAMDATA%\1E\Client directory in 1E Client 5.0.0.745 and 4.1.0.267 allows remote authenticated users and local users to create and modify files in protected directories (where they would not normally have access to create or modify files) via the creation of a junction point to a system directory. This leads to partial privilege escalation. | |||||
| CVE-2020-27172 | 1 Gdatasoftware | 1 G Data | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges. | |||||
| CVE-2020-26277 | 1 Dbdeployer | 1 Dbdeployer | 2024-11-21 | 4.0 MEDIUM | 6.1 MEDIUM |
| DBdeployer is a tool that deploys MySQL database servers easily. In DBdeployer before version 1.58.2, users unpacking a tarball may use a maliciously packaged tarball that contains symlinks to files external to the target. In such scenario, an attacker could induce dbdeployer to write into a system file, thus altering the computer defenses. For the attack to succeed, the following factors need to contribute: 1) The user is logged in as root. While dbdeployer is usable as root, it was designed to run as unprivileged user. 2) The user has taken a tarball from a non secure source, without testing the checksum. When the tarball is retrieved through dbdeployer, the checksum is compared before attempting to unpack. This has been fixed in version 1.58.2. | |||||
| CVE-2020-25989 | 1 Pritunl | 1 Pritunl-client-electron | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2.2550.20. Successful exploitation of the issue may allow an attacker to execute code on the effected system with root privileges. | |||||
| CVE-2020-25776 | 1 Trendmicro | 1 Antivirus | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2020-25744 | 1 Safervpn | 1 Safervpn | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| SaferVPN before 5.0.3.3 on Windows could allow low-privileged users to create or overwrite arbitrary files, which could cause a denial of service (DoS) condition, because a symlink from %LOCALAPPDATA%\SaferVPN\Log is followed. | |||||
| CVE-2020-25289 | 1 Avast | 1 Secureline Vpn | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| The VPN service in AVAST SecureLine before 5.6.4982.470 allows local users to write to arbitrary files via an Object Manager symbolic link from the log directory (which has weak permissions). | |||||
| CVE-2020-25031 | 1 Canonical | 1 Checkinstall | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| checkinstall 1.6.2, when used to create a package that contains a symlink, may trigger the creation of a mode 0777 executable file. | |||||
| CVE-2020-24955 | 1 Superantispyware | 1 Professional X | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| SUPERAntiSyware Professional X Trial 10.0.1206 is vulnerable to local privilege escalation because it allows unprivileged users to restore a malicious DLL from quarantine into the system32 folder via an NTFS directory junction, as demonstrated by a crafted ualapi.dll file that is detected as malware. | |||||
| CVE-2020-24654 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. | |||||
| CVE-2020-24562 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This CVE is similar, but not identical to CVE-2020-24556. | |||||
| CVE-2020-24559 | 3 Apple, Microsoft, Trendmicro | 6 Macos, Windows, Apex One and 3 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS may allow an attacker to manipulate a certain binary to load and run a script from a user-writable folder, which then would allow them to execute arbitrary code as root. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2020-24556 | 3 Apple, Microsoft, Trendmicro | 5 Macos, Windows, Apex One and 2 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in Trend Micro Apex One, OfficeScan XG SP1, Worry-Free Business Security 10 SP1 and Worry-Free Business Security Services on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Please note that version 1909 (OS Build 18363.719) of Microsoft Windows 10 mitigates hard links, but previous versions are affected. | |||||
| CVE-2020-24332 | 2 Fedoraproject, Trustedcomputinggroup | 2 Fedora, Trousers | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack. | |||||
| CVE-2020-23968 | 1 Ilex | 1 International Sign\&go | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
| Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a symlink attack on ProgramData\Ilex\S&G\Logs\000-sngWSService1.log. | |||||
| CVE-2020-1885 | 1 Oculus | 1 Desktop | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file. | |||||
| CVE-2020-17365 | 1 Pango | 1 Hotspot Shield | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Improper directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and earlier may allow an authorized user to potentially enable escalation of privilege via local access. The vulnerability allows a local user to corrupt system files: a local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application. | |||||
| CVE-2020-16939 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.</p> <p>The security update addresses the vulnerability by correcting how Group Policy checks access.</p> | |||||
| CVE-2020-16853 | 1 Microsoft | 1 Onedrive | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| <p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete a targeted file with an elevated status.</p> <p>The update addresses this vulnerability by correcting where the OneDrive updater performs file writes while running with elevation.</p> | |||||
| CVE-2020-16851 | 1 Microsoft | 1 Onedrive | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| <p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete a targeted file with an elevated status.</p> <p>The update addresses this vulnerability by correcting where the OneDrive updater performs file writes while running with elevation.</p> | |||||