4 matches found
CVE-2024-13960 Link Following Local Privilege Escalation Vulnerability in AVG TuneUp Version 23.4
Link Following Local Privilege Escalation Vulnerability in TuneUp Service in AVG TuneUp Version 23.4 build 15592 on Windows 10 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU time-of-check to...
CVE-2019-11482
Sander Bos discovered a time of check to time of use TOCTTOU vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories...
Code injection
Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users /.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to any other file on th...
CVE-2019-7307
Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users /.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to any other file on th...