14 matches found
EUVD-2020-28410
Malware in sbrugna...
EUVD-2024-16005
Malicious code in bioql PyPI...
CVE-2025-44002
Race Condition in the Directory Validation Logic in the TeamViewer Full Client and Host prior version 15.69 on Windows allows a local non-admin user to create arbitrary files with SYSTEM privileges, potentially leading to a denial-of-service condition, via symbolic link manipulation during...
CVE-2020-7283
Privilege Escalation vulnerability in McAfee Total Protection MTP before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. This is achieved through running a malicious script or program on the target machine...
CVE-2024-0206
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symboli...
Code injection
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symboli...
CVE-2024-0206
CVE-2024-0206 affects Trellix Anti-Malware Engine prior to the January 2024 release. The root cause is a symbolic link in the Trellix ENS registry folder that a privileged, authenticated local user can create, which the Engine then follows after a scan, potentially removing files the user should ...
Trellix Anti-Malware Engine Backlink Vulnerability
Trellix Anti-Malware Engine is a security program from FireEye Trellix, Inc. Trellix Anti-Malware Engine version 6700 suffers from a back-link vulnerability that stems from the presence of a symbolic link manipulation vulnerability that allows privilege escalation by authenticated local users...
CVE-2022-38699
Armoury Crate Service’s logging function has insufficient validation to check if the log file is a symbolic link. A physical attacker with general user privilege can modify the log file property to a symbolic link that points to arbitrary system file, causing the logging function to overwrite the...
Privilege escalation
Privilege Escalation vulnerability in McAfee Total Protection MTP before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. This is achieved through running a malicious script or program on the target machine...
McAfee Endpoint Security for Windows 10.5.x < 10.5.5 Security Hotfix 129256 / 10.6.x < 10.6.1 April 2020 Update / 10.7.x < 10.7.0 April 2020 Update Multiple Vulnerabilities (SB10309)
The version of the McAfee Endpoint Security ENS for Windows installed on the remote Windows host is 10.5.x prior to 10.5.5 Security Hotfix 129256, 10.6.x prior to 10.6.1 April 2020 Update, or 10.7.x prior to 10.7.0 April 2020 Update. It is, therefore, affected by multiple vulnerabilities: - A...
CVE-2020-7250
Symbolic link manipulation vulnerability in McAfee Endpoint Security ENS for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permission to alter via...
Design/Logic Flaw
Symbolic link manipulation vulnerability in McAfee Endpoint Security ENS for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permission to alter via...
Privilege escalation
A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 v9.0.1379 and below could potentially allow an attacker to create a symbolic link to a target file and modify it...