Lucene search
K

68 matches found

NVD
NVD
added 2024/08/06 4:15 p.m.21 views

CVE-2024-23458

While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscaler Client Connector on Windows 4.2.0.190...

7.8CVSS0.00115EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/06 3:22 p.m.25 views

CVE-2024-23458 Local Privilege Escalation on Zscaler Client Connector on Windows

While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscaler Client Connector on Windows 4.2.0.190...

7.3CVSS0.00115EPSS
Exploits0References1
CVE
CVE
added 2024/08/06 3:22 p.m.42 views

CVE-2024-23458

Summary (CVE-2024-23458): A missing reparse point check while copying individual autoupdater log files allows crafted attacks that could enable local privilege escalation on Zscaler Client Connector for Windows versions prior to 4.2.0.190 . Affected component is the autoupdater/log handling path;...

7.8CVSS7AI score0.00115EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/06 3:22 p.m.19 views

CVE-2024-23458 Local Privilege Escalation on Zscaler Client Connector on Windows

While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscaler Client Connector on Windows 4.2.0.190...

7.3CVSS6.8AI score0.00115EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/06 12:0 a.m.3 views

PT-2024-19880 · Zscaler · Zscaler Client Connector

Name of the Vulnerable Software and Affected Versions: Zscaler Client Connector versions prior to 4.2.0.190 Description: The issue is related to a missing reparse point check while copying individual autoupdater log files. This could result in crafted attacks, potentially leading to a local...

7.8CVSS7AI score0.00115EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2024/02/20 8:0 a.m.350 views

November 14, 2023—KB5032196 (OS Build 17763.5122) - EXPIRED

November 14, 2023—KB5032196 OS Build 17763.5122 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. 11/17/20 For...

9.8CVSS6.9AI score0.88196EPSS
Exploits13
SUSE CVE
SUSE CVE
added 2023/02/15 4:27 a.m.4 views

SUSE CVE-2018-11728

The libfsntfsreparsepointvaluesreaddata function in libfsntfsreparsepointvalues.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted ntfs file. NOTE: the vendor has disputed this as described in libyal/libfsntfs iss...

5.5CVSS6.6AI score0.01165EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/04/08 12:0 a.m.8 views

The vulnerability of Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Small Office Security, and Kaspersky Security Cloud antivirus protection lies in their handling of symbolic links, which allows a malicious user to delete any file in the system.

The vulnerability of Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Small Office Security, and Kaspersky Security Cloud antivirus programs is related to errors in processing symbolic links. Exploiting this vulnerability can allow an attacker to delete any...

7.9CVSS5.5AI score
Exploits0References1Affected Software5
Hacker One
Hacker One
added 2020/01/13 2:31 p.m.20 views

Dropbox: Local Privilege Escalation on Dropbox Desktop for Windows

This report describes a local privilege escalation in the Dropbox automatic updater process on Windows. It would allow a malicious actor who had already gained non-admin access to a Windows computer to obtain admin privileges, if Dropbox had previously been installed with admin privileges. This...

2.7AI score
Exploits0
CNVD
CNVD
added 2018/06/20 12:0 a.m.2 views

libfsntfs information disclosure vulnerability (CNVD-2018-16527)

libfsntfs is a library for accessing the New Technology File System NTFS. An information disclosure vulnerability exists in the libfsntfsreparsepointvaluesreaddata function in libfsntfsreparsepointvalues.c on 2018-04-20 and earlier. An attacker can exploit this vulnerability to obtain information...

5.5CVSS5.1AI score0.01165EPSS
Exploits0References1
Prion
Prion
added 2018/06/19 9:29 p.m.15 views

Heap overflow

DISPUTED The libfsntfsreparsepointvaluesreaddata function in libfsntfsreparsepointvalues.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted ntfs file. NOTE: the vendor has disputed this as described in...

1.9CVSS5.4AI score0.01165EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/06/19 9:29 p.m.1 views

UBUNTU-CVE-2018-11728

DISPUTED The libfsntfsreparsepointvaluesreaddata function in libfsntfsreparsepointvalues.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted ntfs file. NOTE: the vendor has disputed this as described in...

5.5CVSS6.2AI score0.01165EPSS
Exploits0References4
OSV
OSV
added 2018/06/19 9:29 p.m.3 views

DEBIAN-CVE-2018-11728

The libfsntfsreparsepointvaluesreaddata function in libfsntfsreparsepointvalues.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted ntfs file. NOTE: the vendor has disputed this as described in libyal/libfsntfs iss...

5.5CVSS5.7AI score0.01165EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2018/06/19 9:0 p.m.19 views

CVE-2018-11728

The libfsntfsreparsepointvaluesreaddata function in libfsntfsreparsepointvalues.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted ntfs file. NOTE: the vendor has disputed this as described in libyal/libfsntfs iss...

5.5AI score0.01165EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2018/06/19 12:0 a.m.4 views

PT-2018-10786 · Libyal · Libfsntfs

Name of the Vulnerable Software and Affected Versions: libfsntfs versions through 2018-04-20 Description: The issue allows remote attackers to cause an information disclosure via a crafted ntfs file. This is due to a heap-based buffer over-read in the libfsntfs reparse point values read data...

5.5CVSS5.7AI score0.01165EPSS
Exploits0References9
seebug.org
seebug.org
added 2018/02/24 12:0 a.m.68 views

Windows: NPFS Symlink Security Feature Bypass/Elevation of Privilege/Dangerous Behavior(CVE-2018-0823)

Windows: NPFS Symlink Security Feature Bypass/Elevation of Privilege/Dangerous Behavior Platform: Windows 10 1709 functionality not present prior to this version Class: Security Feature Bypass/Elevation of Privilege/Dangerous Behavior Summary: It’s possible to create NPFS symlinks as a low IL or...

7AI score0.02683EPSS
Exploits3
seebug.org
seebug.org
added 2018/02/24 12:0 a.m.78 views

Windows: Global Reparse Point Security Feature Bypass/Elevation of Privilege(CVE-2018-0822)

Windows: Global Reparse Point Security Feature Bypass/Elevation of Privilege Platform: Windows 10 1709 functionality not present prior to this version Class: Security Feature Bypass/Elevation of Privilege Summary: It’s possible to use the new Global Reparse Point functionality introduced in Windo...

7.3AI score0.02683EPSS
Exploits3
0day.today
0day.today
added 2018/02/20 12:0 a.m.57 views

Microsoft Windows - Global Reparse Point Security Feature Bypass/Elevation of Privilege Exploit

Exploit for windows platform in category local exploits Windows: Global Reparse Point Security Feature Bypass/Elevation of Privilege Platform: Windows 10 1709 functionality not present prior to this version Class: Security Feature Bypass/Elevation of Privilege Summary: It’s possible to use the ne...

7AI score0.02683EPSS
Exploits3
exploitpack
exploitpack
added 2018/02/20 12:0 a.m.25 views

Microsoft Windows - NPFS Symlink Security Feature BypassElevation of PrivilegeDangerous Behavior

Microsoft Windows - NPFS Symlink Security Feature BypassElevation of PrivilegeDangerous Behavior Windows: NPFS Symlink Security Feature Bypass/Elevation of Privilege/Dangerous Behavior Platform: Windows 10 1709 functionality not present prior to this version Class: Security Feature Bypass/Elevati...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/02/20 12:0 a.m.14 views

Microsoft Windows - Global Reparse Point Security Feature BypassElevation of Privilege

Microsoft Windows - Global Reparse Point Security Feature BypassElevation of Privilege Windows: Global Reparse Point Security Feature Bypass/Elevation of Privilege Platform: Windows 10 1709 functionality not present prior to this version Class: Security Feature Bypass/Elevation of Privilege...

0.2AI score
Exploits0
Rows per page
Query Builder