Total
1174 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-45231 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Worry-free Business Security and 1 more | 2024-08-04 | 7.8 High |
| A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to create a specially crafted file with arbitrary content which could grant local privilege escalation on the affected system. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2021-44730 | 3 Canonical, Debian, Fedoraproject | 4 Snapd, Ubuntu Linux, Debian Linux and 1 more | 2024-08-04 | 7.8 High |
| snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1 | ||||
| CVE-2021-44141 | 3 Fedoraproject, Redhat, Samba | 4 Fedora, Enterprise Linux, Storage and 1 more | 2024-08-04 | 4.3 Medium |
| All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. | ||||
| CVE-2021-44023 | 2 Microsoft, Trendmicro | 5 Windows, Antivirus\+ Security 2021, Internet Security 2021 and 2 more | 2024-08-04 | 7.1 High |
| A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a denial-of-service. | ||||
| CVE-2021-44024 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Worry-free Business Security and 1 more | 2024-08-04 | 7.1 High |
| A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2021-44038 | 1 Quagga | 1 Quagga | 2024-08-04 | 7.8 High |
| An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users (with control of the non-root-owned directory /etc/quagga) to escalate their privileges to root upon package installation or update. | ||||
| CVE-2021-43238 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 7.8 High |
| Windows Remote Access Elevation of Privilege Vulnerability | ||||
| CVE-2021-43237 | 1 Microsoft | 13 Windows 10, Windows 10 1809, Windows 10 1909 and 10 more | 2024-08-04 | 7.8 High |
| Windows Setup Elevation of Privilege Vulnerability | ||||
| CVE-2021-42297 | 1 Microsoft | 1 Windows 10 Update Assistant | 2024-08-04 | 5 Medium |
| Windows 10 Update Assistant Elevation of Privilege Vulnerability | ||||
| CVE-2021-42056 | 3 Linux, Microsoft, Thalesgroup | 3 Linux Kernel, Windows, Safenet Authentication Client | 2024-08-04 | 6.7 Medium |
| Thales Safenet Authentication Client (SAC) for Linux and Windows through 10.7.7 creates insecure temporary hid and lock files allowing a local attacker, through a symlink attack, to overwrite arbitrary files, and potentially achieve arbitrary command execution with high privileges. | ||||
| CVE-2021-41641 | 1 Deno | 1 Deno | 2024-08-04 | 8.4 High |
| Deno <=1.14.0 file sandbox does not handle symbolic links correctly. When running Deno with specific write access, the Deno.symlink method can be used to gain access to any directory. | ||||
| CVE-2021-41551 | 1 Leostream | 1 Connection Broker | 2024-08-04 | 4.9 Medium |
| Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link. | ||||
| CVE-2021-41379 | 1 Microsoft | 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more | 2024-08-04 | 5.5 Medium |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2021-41057 | 3 Microsoft, Siemens, Wibu | 11 Windows, Pss Cape, Pss E and 8 more | 2024-08-04 | 7.1 High |
| In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions. | ||||
| CVE-2021-41072 | 3 Debian, Redhat, Squashfs-tools Project | 3 Debian Linux, Enterprise Linux, Squashfs-tools | 2024-08-04 | 8.1 High |
| squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem. | ||||
| CVE-2021-39135 | 3 Npmjs, Oracle, Siemens | 4 Arborist, Npm, Graalvm and 1 more | 2024-08-04 | 8.2 High |
| `@npmcli/arborist`, the library that calculates dependency trees and manages the node_modules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder. This is accomplished by extracting package contents into a project's `node_modules` folder. If the `node_modules` folder of the root project or any of its dependencies is somehow replaced with a symbolic link, it could allow Arborist to write package dependencies to any arbitrary location on the file system. Note that symbolic links contained within package artifact contents are filtered out, so another means of creating a `node_modules` symbolic link would have to be employed. 1. A `preinstall` script could replace `node_modules` with a symlink. (This is prevented by using `--ignore-scripts`.) 2. An attacker could supply the target with a git repository, instructing them to run `npm install --ignore-scripts` in the root. This may be successful, because `npm install --ignore-scripts` is typically not capable of making changes outside of the project directory, so it may be deemed safe. This is patched in @npmcli/arborist 2.8.2 which is included in npm v7.20.7 and above. For more information including workarounds please see the referenced GHSA-gmw6-94gg-2rc2. | ||||
| CVE-2021-39134 | 3 Npmjs, Oracle, Siemens | 4 Arborist, Npm, Graalvm and 1 more | 2024-08-04 | 8.2 High |
| `@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder. This is, in part, accomplished by resolving dependency specifiers defined in `package.json` manifests for dependencies with a specific name, and nesting folders to resolve conflicting dependencies. When multiple dependencies differ only in the case of their name, Arborist's internal data structure saw them as separate items that could coexist within the same level in the `node_modules` hierarchy. However, on case-insensitive file systems (such as macOS and Windows), this is not the case. Combined with a symlink dependency such as `file:/some/path`, this allowed an attacker to create a situation in which arbitrary contents could be written to any location on the filesystem. For example, a package `pwn-a` could define a dependency in their `package.json` file such as `"foo": "file:/some/path"`. Another package, `pwn-b` could define a dependency such as `FOO: "file:foo.tgz"`. On case-insensitive file systems, if `pwn-a` was installed, and then `pwn-b` was installed afterwards, the contents of `foo.tgz` would be written to `/some/path`, and any existing contents of `/some/path` would be removed. Anyone using npm v7.20.6 or earlier on a case-insensitive filesystem is potentially affected. This is patched in @npmcli/arborist 2.8.2 which is included in npm v7.20.7 and above. | ||||
| CVE-2021-38511 | 1 Tar Project | 1 Tar | 2024-08-04 | 7.5 High |
| An issue was discovered in the tar crate before 0.4.36 for Rust. When symlinks are present in a TAR archive, extraction can create arbitrary directories via .. traversal. | ||||
| CVE-2021-38570 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-08-04 | 9.1 Critical |
| An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows attackers to delete arbitrary files (during uninstallation) via a symlink. | ||||
| CVE-2021-37969 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Chrome and 1 more | 2024-08-04 | 7.8 High |
| Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file. | ||||