ROS-20251219-7301

Vulnerability in nomad related to incorrect link definition before accessing a file. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

The vulnerability of the MCP protocol of the server-filesystem allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the MCP protocol of the server-filesystem relates to the incorrect definition of the link before accessing a file. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the VsapiNT.sys module in anti-virus software from Trend Micro’s Apex One and Apex One as a Service allows a malicious actor to elevate their privileges and execute arbitrary code within the SYSTEM context.

The vulnerability of the VsapiNT.sys module in anti-virus software from Trend Micro’s Apex One and Apex One as a Service is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitra...

The vulnerability of the Azure Service Fabric distributed system, related to incorrect definition of the link before accessing the file, allows attackers to escalate their privileges.

The vulnerability of the Azure Service Fabric distributed system is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability in the set of VMware Tools relates to incorrect definition of the link before accessing the file, allowing an attacker to escalate their privileges.

The vulnerability of the VMware Tools utility is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the software client for network access provisioning in SonicWall Connect Tunnel allows a hacker to trigger a service failure.

The vulnerability of the software client for network access provisioning in SonicWall Connect Tunnel is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow a hacker to cause a service failure...

The vulnerability of the Windows Update Stack component of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Windows Update Stack component of the Windows operating system is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Anti-Malware module of the Trend Micro Deep Security Agent allows a hacker to increase their privileges.

The vulnerability of the Anti-Malware module of the Trend Micro Deep Security Agent is related to an incorrect definition of the link before accessing a file. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the Azure Network Watcher VM Extension for Windows operating systems arises from an improper definition of the link before accessing a file. This allows attackers to escalate their privileges.

The vulnerability of the Azure Network Watcher VM Extension for Windows operating systems stems from an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the Collector Service in the Microsoft Visual Studio software development environment allows a hacker to induce a service failure.

The vulnerability of the Collector Service in the Microsoft Visual Studio software development environment is related to an incorrect definition of the link before accessing a file. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the printing control software in PaperCut MF and PaperCut NG lies in the incorrect definition of the link before accessing a file, allowing a violator to delete arbitrary data.

The vulnerability of the printing control software in PaperCut MF and PaperCut NG is related to an incorrect definition of the link before accessing a file. Exploiting this vulnerability could allow a perpetrator to delete arbitrary data...

The vulnerability of the Azure Network Watcher VM Extension for Windows operating systems allows a perpetrator to escalate their privileges.

The vulnerability of the Azure Network Watcher VM Extension for Windows operating systems stems from an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the Damage Cleanup Engine of the Trend Micro Common Client Real-time Scan antivirus software, including the Apex One and Apex One as a Service solutions, allows a malicious actor to trigger a service failure.

The vulnerability of the Damage Cleanup Engine of the Trend Micro Common Client Real-time Scan antivirus software, specifically Apex One and Apex One as a Service, is related to an incorrect definition of the link before accessing a file. Exploiting this vulnerability can allow an attacker to...

ROS-20240410-21

A vulnerability in the RPM Package Manager of Red Hat Enterprise Linux operating systems is related to the lack of RPM signature verification of subsection binding before importing them. Exploitation exploitation of the vulnerability could allow an attacker to escalate his privileges A...

The vulnerability of the Foundation component of the macOS operating system, which allows a hacker to disclose protected information

The vulnerability of the Foundation component of the macOS operating system is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

The vulnerability of the Updater service in Parallels Desktop hypervisor allows a hacker to execute arbitrary code and increase their privileges.

The vulnerability of the Updater service in Parallels Desktop operates due to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow an attacker to elevate privileges and execute arbitrary code within the root context...

The vulnerability of the DSA service in the Intel Driver & Support Assistant software allows a hacker to escalate their privileges and execute arbitrary code.

The vulnerability of the DSA service in the Intel Driver & Support Assistant software for updating drivers is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

The vulnerability of the StorageKit component in operating systems such as iPadOS, iOS, macOS, tvOS, and watchOS allows attackers to gain unauthorized access to protected information.

The vulnerability of the StorageKit component in iPadOS, iOS, macOS, tvOS, and watchOS is related to an improper definition of the link before accessing the file. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Apex One NT RealTime Scan (ntrtscan.exe) service of the Trend Micro Apex One and Apex One as a Service antivirus programs allows a malicious actor to execute arbitrary code and gain unauthorized access to protected information.

The vulnerability of the Apex One NT RealTime Scan ntrtscan.exe component of Trend Micro’s Apex One and Apex One as a Service antivirus programs is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of NVIDIA GeForce Experience’s software relates to an incorrect definition of the link before accessing the file, allowing a hacker to delete arbitrary data.

The vulnerability of NVIDIA GeForce Experience software relates to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow a remote attacker to delete arbitrary data...