570 matches found

Vulnrichment
added 2022/09/14 4:35 p.m. · 10 views

CVE-2022-0029 Cortex XDR Agent: Improper Link Resolution Vulnerability When Generating a Tech Support File

An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file...

CVSS 5.5 · AI score 5.3 · EPSS 0.00202
Exploits: 0 · References: 1

Cvelist
added 2022/09/14 4:35 p.m. · 17 views

CVE-2022-0029 Cortex XDR Agent: Improper Link Resolution Vulnerability When Generating a Tech Support File

An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file...

CVSS 5.5 · AI score 5.5 · EPSS 0.00202
Exploits: 0 · References: 1

ATTACKERKB
added 2022/09/14 4:0 p.m. · 3 views

CVE-2022-0029

An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file...

CVSS 5.5 · AI score 5.9 · EPSS 0.00202
Exploits: 0 · References: 2 · Affected Software: 1

CNNVD
added 2022/09/14 12:0 a.m. · 4 views

Palo Alto Networks Cortex XDR Link Following Vulnerability

Palo Alto Networks Cortex XDR is an extended detection and response platform from Palo Alto Networks, Inc. (United States) that natively integrates network, endpoint, cloud, and third-party data. A security vulnerability exists in Palo Alto Networks Cortex XDR that stems from the presence of...

CVSS 5.5 · AI score 5.8 · EPSS 0.00202
Exploits: 0 · References: 2

Positive Technologies
added 2022/09/14 12:0 a.m. · 4 views

PT-2022-12962 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR agent (affected versions not specified)
Description: An improper link resolution issue in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated...

CVSS 5.5 · AI score 5.2 · EPSS 0.00202
Exploits: 0 · References: 3

Positive Technologies
added 2022/09/13 12:0 a.m. · 2 views

PT-2022-5623 · Microsoft · Windows Group Policy Preference Client +1

Name of the Vulnerable Software and Affected Versions: Windows Group Policy Preference Client (affected versions not specified)
Description: The issue is related to an elevation-of-privilege vulnerability that allows attackers to affect the system. It is caused by improper link resolution before fi...

CVSS 7.8 · AI score 7.7 · EPSS 0.01866
Exploits: 0 · References: 14

Tenable Nessus
added 2022/09/07 12:0 a.m. · 35 views

Amazon Linux 2022 : bsdcat, bsdcpio, bsdtar (ALAS2022-2022-059)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-059 advisory. An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provid...

CVSS 7.8 · AI score 7 · EPSS 0.02845
Exploits: 0 · References: 5

NVD
added 2022/08/31 9:15 p.m. · 30 views

CVE-2022-2898

Measuresoft ScadaPro Server and Client All Versions do not properly resolve links before file access; this could allow a denial-of-service condition...

CVSS 6.1 · EPSS 0.0022
Exploits: 0 · References: 1

NVD
added 2022/08/31 9:15 p.m. · 27 views

CVE-2022-2897

Measuresoft ScadaPro Server and Client All Versions do not properly resolve links before file access; this could allow privilege escalation...

CVSS 7.8 · EPSS 0.00284
Exploits: 0 · References: 1

Vulnrichment
added 2022/08/31 8:54 p.m. · 8 views

CVE-2022-2898 Measuresoft ScadaPro Server and Client Link Following

Measuresoft ScadaPro Server and Client All Versions do not properly resolve links before file access; this could allow a denial-of-service condition...

CVSS 6.1 · AI score 6.3 · EPSS 0.0022
Exploits: 0 · References: 1

Vulnrichment
added 2022/08/31 8:54 p.m. · 7 views

CVE-2022-2897 Measuresoft ScadaPro Server and Client Link Following

Measuresoft ScadaPro Server and Client All Versions do not properly resolve links before file access; this could allow privilege escalation...

CVSS 7.8 · AI score 7.7 · EPSS 0.00284
Exploits: 0 · References: 1

OSV
added 2022/08/23 4:15 p.m. · 1 view

ALPINE-CVE-2021-31566

An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. ...

CVSS 7.8 · AI score 6.9 · EPSS 0.00366
Exploits: 0 · References: 1

OSV
added 2022/08/23 4:15 p.m. · 1 view

DEBIAN-CVE-2021-31566

An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. ...

CVSS 7.8 · AI score 6.6 · EPSS 0.00366
Exploits: 0 · References: 1

OSV
added 2022/08/23 4:15 p.m. · 35 views

CVE-2021-31566

An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. ...

CVSS 7.8 · AI score 3.5 · EPSS 0.00366
Exploits: 0 · References: 5

NVD
added 2022/08/23 4:15 p.m. · 16 views

CVE-2021-31566

An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. ...

CVSS 7.8 · EPSS 0.00366
Exploits: 0 · References: 5

NVD
added 2022/08/23 4:15 p.m. · 19 views

CVE-2021-23177

An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw...

CVSS 7.8 · EPSS 0.00367
Exploits: 0 · References: 5

Prion
added 2022/08/23 4:15 p.m. · 27 views

Input validation

An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw...

CVSS 4.4 · AI score 8.4 · EPSS 0.00367
Exploits: 0 · References: 5 · Affected Software: 12

Prion
added 2022/08/23 4:15 p.m. · 23 views

Input validation

An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. ...

CVSS 4.4 · AI score 8 · EPSS 0.00366
Exploits: 0 · References: 5 · Affected Software: 12

CVE
added 2022/08/23 12:0 a.m. · 277 views

CVE-2021-31566

CVE-2021-31566 affects the libarchive library and is documented across multiple advisories. The flaw is an improper link resolution during archive extraction that can change file modes, times, ACLs and flags of files outside the archive, potentially enabling a local privilege escalation. Connecte...

CVSS 7.8 · AI score 7.7 · EPSS 0.00366
Exploits: 0 · References: 5 · Affected Software: 1

Positive Technologies
added 2022/08/23 12:0 a.m. · 5 views

PT-2022-4636 · Measuresoft · Measuresoft Scadapro Server +1

Name of the Vulnerable Software and Affected Versions: Measuresoft ScadaPro Server and Client All Versions
Description: The issue is related to the improper resolution of links before file access, which could allow privilege escalation. This could potentially be exploited by a remote attacker to...

CVSS 7.8 · AI score 7.3 · EPSS 0.00284
Exploits: 0 · References: 11