Total
1244 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-13043 | 1 Watchguard | 1 Panda Dome | 2025-01-03 | 7.8 High |
| Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Hotspot Shield. By creating a junction, an attacker can abuse the application to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23478. | ||||
| CVE-2024-1867 | 1 Gdata-software | 1 Total Security | 2025-01-03 | 7.8 High |
| G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the G DATA Backup Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22312. | ||||
| CVE-2024-1868 | 1 Gdata-software | 1 Total Security | 2025-01-03 | 7.8 High |
| G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the G DATA Backup Service. By creating a symbolic link, an attacker can abuse the service to overwrite a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22313. | ||||
| CVE-2024-30377 | 1 Gdata-software | 1 Total Security | 2025-01-03 | 7.8 High |
| G DATA Total Security Scan Server Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the G DATA AntiVirus Scan Server. By creating a symbolic link, an attacker can abuse the service to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23381. | ||||
| CVE-2023-34283 | 1 Netgear | 2 Rax30, Rax30 Firmware | 2025-01-03 | 4.6 Medium |
| NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability. This vulnerability allows physically present attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of symbolic links on removable USB media. By creating a symbolic link, an attacker can abuse the router's web server to access arbitrary local files. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-19498. | ||||
| CVE-2022-21999 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2025-01-02 | 7.8 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2022-21997 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-02 | 7.1 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2022-21838 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2025-01-02 | 5.5 Medium |
| Windows Cleanup Manager Elevation of Privilege Vulnerability | ||||
| CVE-2022-21919 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2025-01-02 | 7 High |
| Windows User Profile Service Elevation of Privilege Vulnerability | ||||
| CVE-2022-21895 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Server and 3 more | 2025-01-02 | 7.8 High |
| Windows User Profile Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-35633 | 1 Microsoft | 3 Windows 10 1507, Windows Server 2008, Windows Server 2012 | 2025-01-01 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-35624 | 1 Microsoft | 1 Azure Connected Machine Agent | 2025-01-01 | 7.3 High |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability | ||||
| CVE-2023-36391 | 1 Microsoft | 1 Windows 11 23h2 | 2025-01-01 | 7.8 High |
| Local Security Authority Subsystem Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-36874 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-01-01 | 7.8 High |
| Windows Error Reporting Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-36047 | 1 Microsoft | 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more | 2025-01-01 | 7.8 High |
| Windows Authentication Elevation of Privilege Vulnerability | ||||
| CVE-2023-36046 | 1 Microsoft | 4 Windows 11 21h2, Windows 11 22h2, Windows 11 23h2 and 1 more | 2025-01-01 | 7.1 High |
| Windows Authentication Denial of Service Vulnerability | ||||
| CVE-2023-36394 | 1 Microsoft | 9 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 6 more | 2025-01-01 | 7 High |
| Windows Search Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-36399 | 1 Microsoft | 4 Windows 11 21h2, Windows 11 22h2, Windows 11 23h2 and 1 more | 2025-01-01 | 7.1 High |
| Windows Storage Elevation of Privilege Vulnerability | ||||
| CVE-2023-36705 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-01 | 7.8 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2023-33148 | 1 Microsoft | 2 365 Apps, Office | 2025-01-01 | 7.8 High |
| Microsoft Office Elevation of Privilege Vulnerability | ||||