Filtered by CWE-59
Filtered by vendor Subscriptions
Total 1234 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-31952 2024-11-21 6.7 Medium
An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.)
CVE-2024-30104 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2024-11-21 7.8 High
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-30093 1 Microsoft 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more 2024-11-21 7.3 High
Windows Storage Elevation of Privilege Vulnerability
CVE-2024-30076 1 Microsoft 17 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 14 more 2024-11-21 6.8 Medium
Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2024-30065 1 Microsoft 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more 2024-11-21 5.5 Medium
Windows Themes Denial of Service Vulnerability
CVE-2024-30060 1 Microsoft 1 Azure Monitor Agent 2024-11-21 7.8 High
Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-30033 1 Microsoft 4 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 1 more 2024-11-21 7 High
Windows Search Service Elevation of Privilege Vulnerability
CVE-2024-30018 1 Microsoft 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more 2024-11-21 7.8 High
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-29989 1 Microsoft 2 Azure Monitor, Azure Monitor Agent 2024-11-21 8.4 High
Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-29188 2024-11-21 7.8 High
WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. The custom action behind WiX's `RemoveFolderEx` functionality could allow a standard user to delete protected directories. `RemoveFolderEx` deletes an entire directory tree during installation or uninstallation. It does so by recursing every subdirectory starting at a specified directory and adding each subdirectory to the list of directories Windows Installer should delete. If the setup author instructed `RemoveFolderEx` to delete a per-user folder from a per-machine installer, an attacker could create a directory junction in that per-user folder pointing to a per-machine, protected directory. Windows Installer, when executing the per-machine installer after approval by an administrator, would delete the target of the directory junction. This vulnerability is fixed in 3.14.1 and 4.0.5.
CVE-2024-29069 1 Canonical 1 Snapd 2024-11-21 4.8 Medium
In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image (such as icons and desktop files etc) are directly read by snapd when it is extracted. An attacker who could convince a user to install a malicious snap which contained symbolic links at these paths could then cause snapd to write out the contents of the symbolic link destination into a world-readable directory. This in-turn could allow an unprivileged user to gain access to privileged information.
CVE-2024-28916 1 Microsoft 1 Xbox Gaming Services 2024-11-21 8.8 High
Xbox Gaming Services Elevation of Privilege Vulnerability
CVE-2024-28189 1 Judge0 1 Judge0 2024-11-21 10 Critical
Judge0 is an open-source online code execution system. The application uses the UNIX chown command on an untrusted file within the sandbox. An attacker can abuse this by creating a symbolic link (symlink) to a file outside the sandbox, allowing the attacker to run chown on arbitrary files outside of the sandbox. This vulnerability is not impactful on it's own, but it can be used to bypass the patch for CVE-2024-28185 and obtain a complete sandbox escape. This vulnerability is fixed in 1.13.1.
CVE-2024-28185 2024-11-21 10 Critical
Judge0 is an open-source online code execution system. The application does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox. When executing a submission, Judge0 writes a `run_script` to the sandbox directory. The security issue is that an attacker can create a symbolic link (symlink) at the path `run_script` before this code is executed, resulting in the `f.write` writing to an arbitrary file on the unsandboxed system. An attacker can leverage this vulnerability to overwrite scripts on the system and gain code execution outside of the sandbox.
CVE-2024-27885 1 Apple 1 Macos 2024-11-21 6.3 Medium
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7, macOS Monterey 12.7.5. An app may be able to modify protected parts of the file system.
CVE-2024-26238 1 Microsoft 2 Windows 10 21h2, Windows 10 22h2 2024-11-21 7.8 High
Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability
CVE-2024-26216 1 Microsoft 8 Windows Server 2008 R2, Windows Server 2008 Sp2, Windows Server 2012 and 5 more 2024-11-21 7.3 High
Windows File Server Resource Management Service Elevation of Privilege Vulnerability
CVE-2024-23459 2024-11-21 7.1 High
An Improper Link Resolution Before File Access ('Link Following') vulnerability in Zscaler Client Connector on Mac allows a system file to be overwritten.This issue affects Zscaler Client Connector on Mac : before 3.7.
CVE-2024-21447 1 Microsoft 7 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 4 more 2024-11-21 7.8 High
Windows Authentication Elevation of Privilege Vulnerability
CVE-2024-21397 1 Microsoft 1 Azure File Sync 2024-11-21 5.3 Medium
Microsoft Azure File Sync Elevation of Privilege Vulnerability