7 matches found
MiracleLinux 8 : libarchive-3.3.3-3.el8 (AXSA:2022-3102:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3102:01 advisory. libarchive: extracting a symlink with ACLs modifies ACLs of target CVE-2021-23177 libarchive: symbolic links incorrectly followed when changing mode...
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack via improper handling of symbolic links before file access. An attacker can gain elevated privileges by exploiting the way the system resolves links, potentially accessing or modifying files with higher permissions...
The vulnerability of the DSA service in the Intel Driver & Support Assistant software, related to incorrect handling of the link before accessing the file, allows an attacker to escalate their privileges within the system.
The vulnerability of the DSA service in the Intel Driver & Support Assistant software for updating drivers is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow an attacker to increase their privileges within the system using a...
The vulnerability of the file-sharing software for disconnected desktops, Warpinator, arises from an improper definition of the link before accessing files. This allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the file-sharing software between remote desktops in Warpinator relates to the improper handling of links before accessing files. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the `program_after_update` function in the Trend Micro Antivirus protection tool allows attackers to enhance their privileges.
The vulnerability of the programafterupdate function in the Trend Micro Antivirus protection tool is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to enhance their privileges...
Shopware 输入验证错误漏洞
Shopware is a set of open source e-commerce software from the German company Shopware. shopware has an open redirect vulnerability in versions prior to 5.7.7, which stems from incomplete URL handling in shopware routing and can be exploited by attackers to redirect users to arbitrary websites...
The vulnerability of Trend Micro Deep Security Agent lies in its improper handling of links before accessing a file. This allows attackers to delete any files they desire.
The vulnerability of the Trend Micro Deep Security Agent lies in the improper handling of links before accessing a file. Exploiting this vulnerability could allow an attacker to delete any files they desire...