570 matches found

OSV
added 2023/03/13 1:15 p.m. · 2 views

CVE-2023-24577

McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys. This could enable a user with lower privileges to execute unauthorized tasks...

5.5 CVSS · 6.2 AI score · 0.00284 EPSS
Exploits 0 · References 2

Prion
added 2023/03/13 1:15 p.m. · 17 views

Design/Logic Flaw

McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys. This could enable a user with lower privileges to execute unauthorized tasks...

1.7 CVSS · 5.6 AI score · 0.00284 EPSS
Exploits 0 · References 2 · Affected Software 1

Vulnrichment
added 2023/03/13 12:0 a.m. · 4 views

CVE-2023-24577

McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys. This could enable a user with lower privileges to execute unauthorized tasks...

5.6 AI score · 0.00284 EPSS
Exploits 0 · References 2

CNNVD
added 2023/03/13 12:0 a.m. · 4 views

McAfee Total Protection link following vulnerability

McAfee Total Protection (MTP) is a suite of antivirus software from McAfee, Inc. A security vulnerability exists in McAfee Total Protection prior to version 16.0.50, which stems from incorrect link resolution. The vulnerability can be exploited by an attacker to elevate user privileges via the...

5.5 CVSS · 5.7 AI score · 0.00284 EPSS
Exploits 0 · References 3

Cvelist
added 2023/03/13 12:0 a.m. · 31 views

CVE-2023-24577

McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys. This could enable a user with lower privileges to execute unauthorized tasks...

5.8 AI score · 0.00284 EPSS
Exploits 0 · References 2

SUSE CVE
added 2023/02/15 4:4 a.m. · 1 views

SUSE CVE-2020-2024

An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentially resulting in a host DoS...

6.5 CVSS · 6.4 AI score · 0.00366 EPSS
Exploits 0 · References 4

SUSE CVE
added 2023/02/15 3:45 a.m. · 1 views

SUSE CVE-2021-23177

An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw...

6.6 CVSS · 9 AI score · 0.00367 EPSS
Exploits 0 · References 6

SUSE CVE
added 2023/02/15 3:41 a.m. · 2 views

SUSE CVE-2021-31566

An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. ...

4.4 CVSS · 8.8 AI score · 0.00366 EPSS
Exploits 0 · References 5

SUSE CVE
added 2023/02/15 3:25 a.m. · 3 views

SUSE CVE-2022-31256

An Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1...

7.8 CVSS · 6.7 AI score · 0.00231 EPSS
Exploits 0 · References 5

Tenable Nessus
added 2022/11/23 12:0 a.m. · 30 views

Debian dla-3202 : bsdcpio - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3202 advisory. Debian LTS Advisory DLA-3202-1...

7.8 CVSS · 6.7 AI score · 0.00661 EPSS
Exploits 1 · References 8

Check Point Advisories
added 2022/11/09 12:0 a.m. · 3 views

Git Source Code Management Code Execution (CVE-2021-21300)

An improper link resolution exists in the checkout mechanism of Git Source Code Management (git-scm) by Git. An out-of-order checkout triggered by a delayed checkout or checkout-index may result in an improper validation of a file resource type prior to performing a file write operation. A remote...

5.1 CVSS · 1.8 AI score · 0.88644 EPSS
Exploits 5

Prion
added 2022/10/26 9:15 a.m. · 18 views

Input validation

An Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1...

4.3 CVSS · 7.5 AI score · 0.00231 EPSS
Exploits 0 · References 1 · Affected Software 1

Vulnrichment
added 2022/10/26 8:55 a.m. · 12 views

CVE-2022-31256 sendmail: mail to root privilege escalation via sm-client.pre script

An Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1...

7.7 CVSS · 7.4 AI score · 0.00231 EPSS
Exploits 0 · References 1

CVE
added 2022/10/26 8:55 a.m. · 82 views

CVE-2022-31256

CVE-2022-31256 is a local privilege-escalation issue in the openSUSE/openSUSE Factory sendmail workflow. Affected component: a script invoked by the sendmail systemd service. Root cause: improper link resolution before file access ("link following") in that script allows a local attacker to escal...

7.8 CVSS · 7.4 AI score · 0.00231 EPSS
Exploits 0 · References 1 · Affected Software 1

Debian CVE
added 2022/10/26 8:55 a.m. · 31 views

CVE-2022-31256

An Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1...

7.8 CVSS · 7.1 AI score · 0.00231 EPSS
Exploits 0

Positive Technologies
added 2022/10/26 12:0 a.m. · 4 views

PT-2022-20643 · Sendmail +1

Name of the Vulnerable Software and Affected Versions: openSUSE Factory sendmail versions prior to 8.17.1-1.1 Description: A local attacker can exploit an Improper Link Resolution Before File Access issue, also known as 'Link Following', in a script used by the sendmail systemd service to escalat...

7.8 CVSS · 7.5 AI score · 0.00231 EPSS
Exploits 0 · References 15

OpenVAS
added 2022/10/12 12:0 a.m. · 22 views

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2022-2568)

The remote host is missing an update for the Huawei EulerOS...

7.8 CVSS · 7.9 AI score · 0.00367 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2022/10/10 12:0 a.m. · 24 views

EulerOS Virtualization 3.0.6.0 : libarchive (EulerOS-SA-2022-2568)

According to the versions of the libarchive packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target o...

7.8 CVSS · 6.7 AI score · 0.00367 EPSS
Exploits 0 · References 3

OSV
added 2022/09/14 5:15 p.m. · 2 views

CVE-2022-0029

An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file...

5.5 CVSS · 5.8 AI score · 0.00202 EPSS
Exploits 0 · References 1

Prion
added 2022/09/14 5:15 p.m. · 13 views

Input validation

An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file...

1.7 CVSS · 5.3 AI score · 0.00202 EPSS
Exploits 0 · References 1 · Affected Software 1