Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-13960

Summary
Assigner-NLOK
Assigner Org ID-dbd8429d-f261-4b1e-94cc-ae3132817e2e
Published At-09 May, 2025 | 15:20
Updated At-09 May, 2025 | 18:54
Rejected At-
Credits

Link Following Local Privilege Escalation Vulnerability in AVG TuneUp Version 23.4

Link Following Local Privilege Escalation Vulnerability in TuneUp Service in AVG TuneUp Version 23.4 (build 15592) on Windows 10 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:NLOK
Assigner Org ID:dbd8429d-f261-4b1e-94cc-ae3132817e2e
Published At:09 May, 2025 | 15:20
Updated At:09 May, 2025 | 18:54
Rejected At:
▼CVE Numbering Authority (CNA)
Link Following Local Privilege Escalation Vulnerability in AVG TuneUp Version 23.4

Link Following Local Privilege Escalation Vulnerability in TuneUp Service in AVG TuneUp Version 23.4 (build 15592) on Windows 10 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack.

Affected Products
Vendor
AVG
Product
TuneUp
Platforms
  • Windows
Default Status
affected
Versions
Affected
  • 23.4 (custom)
Unaffected
  • 24.1 31.7.2024 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-59CWE-59 Improper Link Resolution Before File Access ('Link Following')
CWECWE-367CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
Type: CWE
CWE ID: CWE-59
Description: CWE-59 Improper Link Resolution Before File Access ('Link Following')
Type: CWE
CWE ID: CWE-367
Description: CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-233CAPEC-233 Privilege Escalation
CAPEC ID: CAPEC-233
Description: CAPEC-233 Privilege Escalation
Solutions

Update to v24.1 31.7.2024 or newer.

Configurations
Workarounds
Exploits
Credits
reporter
Zero Day Initiative
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.gendigital.com/us/en/contact-us/security-advisories/
N/A
Hyperlink: https://www.gendigital.com/us/en/contact-us/security-advisories/
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@nortonlifelock.com
Published At:09 May, 2025 | 16:15
Updated At:12 May, 2025 | 17:32

Link Following Local Privilege Escalation Vulnerability in TuneUp Service in AVG TuneUp Version 23.4 (build 15592) on Windows 10 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-59Secondarysecurity@nortonlifelock.com
CWE-367Secondarysecurity@nortonlifelock.com
CWE ID: CWE-59
Type: Secondary
Source: security@nortonlifelock.com
CWE ID: CWE-367
Type: Secondary
Source: security@nortonlifelock.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.gendigital.com/us/en/contact-us/security-advisories/security@nortonlifelock.com
N/A
Hyperlink: https://www.gendigital.com/us/en/contact-us/security-advisories/
Source: security@nortonlifelock.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

341Records found
CVE-2024-13959
Matching Score-10
Assigner-NortonLifeLock Inc.
ShareView Details
Matching Score-10
Assigner-NortonLifeLock Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.22%
||
7 Day CHG~0.00%
Published-09 May, 2025 | 15:20
Updated-12 May, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Link Following Local Privilege Escalation Vulnerability in AVG TuneUp 24.2.16593.9844

Link Following Local Privilege Escalation Vulnerability in TuneupSvc.exe in AVG TuneUp 24.2.16593.9844 on Windows allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging the service to delete a directory

Action-Not Available
Vendor-AVG
Product-TuneUp
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-13944
Matching Score-10
Assigner-NortonLifeLock Inc.
ShareView Details
Matching Score-10
Assigner-NortonLifeLock Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.69%
||
7 Day CHG~0.00%
Published-09 May, 2025 | 15:18
Updated-13 Oct, 2025 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Link Following Local Privilege Escalation Vulnerability in NortonUtilitiesSvc in Norton Utilities Ultimate (Also affects Avast CleanUp and AVG TuneUp)

Link Following Local Privilege Escalation Vulnerability in NortonUtilitiesSvc in Norton Utilities Ultimate Version 24.2.16862.6344 on Windows 10 Pro x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via the creation of a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack.

Action-Not Available
Vendor-AVGNortonAvast
Product-TuneUpCleanUpNorton Utilities Ultimate
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2025-13032
Matching Score-10
Assigner-NortonLifeLock Inc.
ShareView Details
Matching Score-10
Assigner-NortonLifeLock Inc.
CVSS Score-9.9||CRITICAL
EPSS-0.04% / 10.48%
||
7 Day CHG~0.00%
Published-11 Nov, 2025 | 16:16
Updated-08 Dec, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3  on windows allows local attacker to escalate privelages via pool overflow.

Action-Not Available
Vendor-avastAvastAvsatAVGMicrosoft Corporation
Product-antiviruswindowsOne(Free/Premiium/Ultimeat) Antivirus(Free/Inernet Security/Ultimate) Antivirus
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-7234
Matching Score-10
Assigner-Zero Day Initiative
ShareView Details
Matching Score-10
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.95%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 21:12
Updated-19 Dec, 2024 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability

AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22260.

Action-Not Available
Vendor-avgAVGavg
Product-antivirusAntiVirus Freeanti-virus
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-7237
Matching Score-10
Assigner-Zero Day Initiative
ShareView Details
Matching Score-10
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.77%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 21:12
Updated-19 Dec, 2024 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability

AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to delete a folder. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22960.

Action-Not Available
Vendor-avgAVGavg
Product-antivirusAntiVirus Freeanti-virus
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-6510
Matching Score-8
Assigner-cirosec GmbH
ShareView Details
Matching Score-8
Assigner-cirosec GmbH
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.61%
||
7 Day CHG~0.00%
Published-12 Sep, 2024 | 14:18
Updated-02 Oct, 2024 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation vulnerability in AVG Internet Security

Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYSTEM via COM-Hijacking.

Action-Not Available
Vendor-avgAVGavg
Product-internet_securityInternet Securityinternet_security
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CWE ID-CWE-427
Uncontrolled Search Path Element
CWE ID-CWE-749
Exposed Dangerous Method or Function
CVE-2023-1585
Matching Score-6
Assigner-NortonLifeLock Inc.
ShareView Details
Matching Score-6
Assigner-NortonLifeLock Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 21.71%
||
7 Day CHG~0.00%
Published-19 Apr, 2023 | 18:27
Updated-05 Feb, 2025 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. The issue was fixed with Avast and AVG Antivirus version 22.11 and virus definitions from 14 February 2023 or later.

Action-Not Available
Vendor-avastavgAVGAvastMicrosoft Corporation
Product-windowsantivirusanti-virusAVG AntivirusAvast Antivirus
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2023-1586
Matching Score-6
Assigner-NortonLifeLock Inc.
ShareView Details
Matching Score-6
Assigner-NortonLifeLock Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.13% / 32.91%
||
7 Day CHG+0.01%
Published-19 Apr, 2023 | 18:35
Updated-05 Feb, 2025 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus version 22.11

Action-Not Available
Vendor-avastavgAVGAvastMicrosoft Corporation
Product-anti-virusantiviruswindowsAVG AntivirusAvast Antivirus
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-7235
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-6.1||MEDIUM
EPSS-0.09% / 25.20%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 21:12
Updated-19 Dec, 2024 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AVG AntiVirus Free Link Following Denial-of-Service Vulnerability

AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to create a folder. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. . Was ZDI-CAN-22803.

Action-Not Available
Vendor-avgAVG
Product-antivirusAntiVirus Free
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-7236
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-5.3||MEDIUM
EPSS-0.09% / 24.89%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 21:12
Updated-19 Dec, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability

AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Installer. By creating a symbolic link, an attacker can abuse the update functionality to create a file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system. Was ZDI-CAN-22942.

Action-Not Available
Vendor-avgAVG
Product-antivirusAntiVirus Free
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-1921
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.23%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:15
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830wcd9380_firmwarewcn3990sd780gsd865_5gqca6595qca6431_firmwaresdx24sdx55m_firmwarewcn6856_firmwarewcd9360_firmwarewsa8835wcn3950_firmwarewcd9380sd888_5gqca6420_firmwareqca6390_firmwarewcd9370sd675_firmwarewcn6855_firmwareqca6426sdx24_firmwarewcn3990_firmwareqrb5165n_firmwaresm7325qca6430_firmwarewcn3980wcn6750wcn3998sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950whs9410wcd9340_firmwaresd855wsa8815wcn6850qsm8350_firmwareqsm8350sd_8c_firmwareqca6426_firmwarewcn7850qca6574au_firmwaresdx55_firmwarewcd9375_firmwarewcn3998_firmwarewcn3980_firmwareqca6391sdx55mwcd9360qca6420qca6436_firmwareqrb5165nqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresd778gsa6155p_firmwarewhs9410_firmwarewcn7851qcs6490qrb5165_firmwaresdxr2_5gqcm6490_firmwareqrb5165wcn6851_firmwareqca6430qca6574auqca6421sd778g_firmwarewcd9340sa8195psdm830_firmwarewsa8810_firmwarewcd9341_firmwarewsa8810sd870qca6436wcn6851wcn6855sa6155pwcn7851_firmwarewcn6856sd_8cwcd9385wcd9341qca6431qcs6490_firmwareqca6595_firmwaresd870_firmwarewcn6740qca6391_firmwareqca6390wcd9375sd_8cxaqt1000sd780g_firmwarewcd9370_firmwaresdx55sd675wsa8830_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresdm830wcn6750_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-52050
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.20%
||
7 Day CHG~0.00%
Published-31 Dec, 2024 | 16:13
Updated-31 Dec, 2024 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A LogServer arbitrary file creation vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-Trend Micro Apex OneTrend Micro Apex One as a Service
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2018-6954
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.55%
||
7 Day CHG~0.00%
Published-13 Feb, 2018 | 20:00
Updated-09 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. This occurs even if the fs.protected_symlinks sysctl is turned on.

Action-Not Available
Vendor-systemd_projectn/aCanonical Ltd.openSUSE
Product-leapubuntu_linuxsystemdn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-47480
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.67%
||
7 Day CHG~0.00%
Published-18 Dec, 2024 | 01:05
Updated-04 Feb, 2025 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution Before File Access vulnerability. A low-privilege attacker with local access may exploit this vulnerability, potentially resulting in Elevation of Privileges and unauthorized file system access.

Action-Not Available
Vendor-Dell Inc.
Product-inventory_collectorInventory Collector Client
CWE ID-CWE-61
UNIX Symbolic Link (Symlink) Following
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2015-1130
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-21.07% / 95.51%
||
7 Day CHG~0.00%
Published-10 Apr, 2015 | 14:00
Updated-22 Oct, 2025 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-08-10||Apply updates per vendor instructions.

The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/aOS X
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-49051
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.66% / 70.72%
||
7 Day CHG+0.07%
Published-12 Nov, 2024 | 17:54
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft PC Manager Elevation of Privilege Vulnerability

Microsoft PC Manager Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-pc_managerMicrosoft PC Manager
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-49046
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.76%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:53
Updated-08 Jul, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_24h2windows_server_2025windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows Server 2022Windows 11 Version 24H2Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 1607Windows Server 2012 R2 (Server Core installation)Windows Server 2012Windows 10 Version 22H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows 11 version 22H3Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 21H2Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2025Windows Server 2008 Service Pack 2Windows 11 version 22H2Windows Server 2016Windows Server 2016 (Server Core installation)Windows 11 Version 23H2Windows Server 2008 Service Pack 2Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-45565
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.62%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:31
Updated-09 May, 2025 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver

Memory corruption when blob structure is modified by user-space after kernel verification.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_429_mobile_firmwarewcn3620_firmwaresdm429wwcn3620sdm429w_firmwarewcn3660b_firmwaresnapdragon_429_mobilewcn3660bSnapdragon
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-48394
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.41%
||
7 Day CHG~0.00%
Published-05 Feb, 2025 | 00:00
Updated-19 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the driver of the NDD Print solution, which could allow an unprivileged user to exploit this flaw and gain SYSTEM-level access on the device. The vulnerability affects version 5.24.3 and before of the software.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-43551
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.52% / 66.39%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 17:35
Updated-08 Jul, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Storage Elevation of Privilege Vulnerability

Windows Storage Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_11_21h2windows_11_24h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows Server 2022Windows 10 Version 21H2Windows Server 2019 (Server Core installation)Windows 11 Version 24H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2019Windows 10 Version 1809Windows 10 Version 1607Windows 11 version 22H2Windows Server 2016Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows 11 Version 23H2Windows 11 version 21H2Windows 11 version 22H3
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-43501
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.58% / 68.27%
||
7 Day CHG-0.10%
Published-08 Oct, 2024 | 17:35
Updated-08 Jul, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Common Log File System Driver Elevation of Privilege Vulnerability

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_11_24h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows Server 2022Windows 11 Version 24H2Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 1607Windows Server 2012 R2 (Server Core installation)Windows Server 2012Windows 10 Version 22H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows 11 version 22H3Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 21H2Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows 11 version 22H2Windows Server 2016Windows Server 2016 (Server Core installation)Windows 11 Version 23H2Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-36336
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.58%
||
7 Day CHG~0.00%
Published-29 Jul, 2022 | 23:15
Updated-03 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. The resolution for this issue has been deployed automatically via ActiveUpdate to customers in an updated Spyware pattern. Customers who are up-to-date on detection patterns are not required to take any additional steps to mitigate this issue.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-apex_onewindowsworry-free_business_securityworry-free_business_security_servicesTrend Micro Apex OneTrend Micro Worry-Free Business Security
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-36927
Matching Score-4
Assigner-Zoom Video Communications, Inc.
ShareView Details
Matching Score-4
Assigner-Zoom Video Communications, Inc.
CVSS Score-8.8||HIGH
EPSS-0.04% / 10.61%
||
7 Day CHG~0.00%
Published-09 Jan, 2023 | 00:00
Updated-09 Apr, 2025 | 14:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local Privilege Escalation in Zoom Rooms for macOS Clients

Zoom Rooms for macOS clients before version 5.11.3 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-roomsZoom Rooms for macOS
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2022-36929
Matching Score-4
Assigner-Zoom Video Communications, Inc.
ShareView Details
Matching Score-4
Assigner-Zoom Video Communications, Inc.
CVSS Score-7.8||HIGH
EPSS-0.18% / 39.88%
||
7 Day CHG~0.00%
Published-09 Jan, 2023 | 00:00
Updated-09 Apr, 2025 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local Privilege Escalation in Zoom Rooms for Windows Clients

The Zoom Rooms Installer for Windows prior to 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM user.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-roomsZoom Rooms for Windows
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2022-34899
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7||HIGH
EPSS-0.08% / 22.56%
||
7 Day CHG~0.00%
Published-18 Jul, 2022 | 14:17
Updated-03 Aug, 2024 | 09:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Parallels service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16134.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_accessAccess
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-46744
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.79%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 07:12
Updated-05 Jan, 2026 | 10:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Squashfs: sanity check symbolic link size

In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in pick_link" bug. This is caused by an uninitialised page, which is ultimately caused by a corrupted symbolic link size read from disk. The reason why the corrupted symlink size causes an uninitialised page is due to the following sequence of events: 1. squashfs_read_inode() is called to read the symbolic link from disk. This assigns the corrupted value 3875536935 to inode->i_size. 2. Later squashfs_symlink_read_folio() is called, which assigns this corrupted value to the length variable, which being a signed int, overflows producing a negative number. 3. The following loop that fills in the page contents checks that the copied bytes is less than length, which being negative means the loop is skipped, producing an uninitialised page. This patch adds a sanity check which checks that the symbolic link size is not larger than expected. -- V2: fix spelling mistake.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-45560
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.79%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-12 Feb, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Camera

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewsa8840qcm6490_firmwaresdm429wsc8380xp_firmwareqcs5430wsa8845h_firmwareqca6420wcn3620_firmwarewsa8845qcm6490wcd9380_firmwareqca6391_firmwaresc8180x-ad_firmwareqca6391qcs5430_firmwarewcn3660bsdm429w_firmwareqca6430wsa8845_firmwarevideo_collaboration_vc3_platform_firmwareqcm5430wcd9370wcd9340_firmwaresc8180x-acafsnapdragon_429_mobile_firmwarewsa8835wsa8845haqt1000_firmwarefastconnect_7800wcd9341_firmwarewcd9340wcd9341sc8280xp-abbbsc8180x-aaab_firmwarefastconnect_6900qcm5430_firmwarefastconnect_6800snapdragon_7c\+_gen_3_computesnapdragon_429_mobilefastconnect_6700wcd9375_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewsa8810_firmwarewcd9385_firmwarewsa8810fastconnect_6700_firmwaresc8180x-adwcd9375sc8280xp-abbb_firmwaresc8180x-aaabqca6420_firmwarewsa8815fastconnect_6200_firmwareqca6430_firmwarewcd9380video_collaboration_vc3_platformwsa8830wsa8815_firmwarefastconnect_6200wsa8830_firmwarewcn3620fastconnect_6900_firmwareqcs6490qcs6490_firmwaresc8180x-acaf_firmwaresc8380xpaqt1000fastconnect_6800_firmwarewcd9385wsa8840_firmwarewcn3660b_firmwarewsa8835_firmwarewcd9370_firmwareSnapdragon
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2019-0841
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-82.65% / 99.21%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 20:18
Updated-29 Oct, 2025 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-05||Apply updates per vendor instructions.

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1709windows_10_1703windows_10_1809windows_server_2019windows_server_2016windows_10_1803WindowsWindows ServerWindows
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-38418
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.79%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 13:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Linux

Memory corruption while parsing the memory map info in IOCTL calls.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwareqca6426sdm429wqca6696sd865_5gcsrb31024qcs610sa8155p_firmwareqam8295p_firmwaresd865_5g_firmwarec-v2x_9150_firmwaresa8195p_firmwaresa8145p_firmwareqcn9074_firmwarewcn3620_firmwarevideo_collaboration_vc1_platform_firmwarewcn3680bwcd9380_firmwaresnapdragon_auto_4g_modemqca6574au_firmwareqsm8250_firmwareqca6391_firmwaresa8195psnapdragon_auto_4g_modem_firmwarewcn3950_firmwareqca6391wcn3660bsdm429w_firmwarec-v2x_9150wcn3980wcn3950video_collaboration_vc3_platform_firmwaresnapdragon_w5\+_gen_1_wearablesw5100sxr2230pwcd9370sa8540p_firmwaresnapdragon_x55_5g_modem-rfsw5100p_firmwaresa8295p_firmwaresnapdragon_865\+_5g_mobilesa8150p_firmwaresxr2230p_firmwaresnapdragon_429_mobile_firmwarewsa8835sa9000psxr2130csrb31024_firmwareqsm8250qca6426_firmwareqcn9074fastconnect_7800sa6155p_firmwarewcd9341_firmwaresnapdragon_8_gen_1_mobileqca6564au_firmwaresnapdragon_870_5g_mobilesnapdragon_865_5g_mobile_firmwareqam8295psnapdragon_xr2_5g_firmwarewcd9341wcn3988snapdragon_x55_5g_modem-rf_firmwaresnapdragon_865_5g_mobileqca6574ausa8150psa6150p_firmwarefastconnect_6900snapdragon_xr2_5gwcn3988_firmwaresw5100_firmwaresxr2250pfastconnect_6800snapdragon_429_mobileqcs410_firmwaresa8530p_firmwareqca6696_firmwaresnapdragon_8_gen_1_mobile_firmwarewsa8810_firmwarewcd9385_firmwaresa6150pwcn3680b_firmwarewsa8810wsa8832sa8295psa6145p_firmwareqcs610_firmwaresa6145psnapdragon_870_5g_mobile_firmwarewsa8815snapdragon_w5\+_gen_1_wearable_firmwareqcs410sdx55sdx55_firmwaresa6155psnapdragon_865\+_5g_mobile_firmwarewcd9380video_collaboration_vc3_platformwsa8830qca6436_firmwarewsa8815_firmwaresa8155pwsa8832_firmwaresa8145psw5100psa8530pwsa8830_firmwarewcn3620wcn3980_firmwareqca6564ausxr2130_firmwarevideo_collaboration_vc1_platformqca6436fastconnect_6900_firmwaresa8540pqca6595au_firmwaresa9000p_firmwarefastconnect_6800_firmwarewcd9385qca6595auwcn3660b_firmwarewsa8835_firmwaresxr2250p_firmwarewcd9370_firmwareSnapdragon
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-45316
Matching Score-4
Assigner-SonicWall, Inc.
ShareView Details
Matching Score-4
Assigner-SonicWall, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.90%
||
7 Day CHG~0.00%
Published-11 Oct, 2024 | 08:20
Updated-15 Oct, 2024 | 12:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack.

Action-Not Available
Vendor-SonicWall Inc.
Product-Connect Tunnelconnect_tunnel
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-27815
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.39%
||
7 Day CHG~0.00%
Published-29 Mar, 2022 | 23:21
Updated-03 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. There can be an information leak or denial of service.

Action-Not Available
Vendor-waycraten/a
Product-swhkdn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-0094
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.15%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:05
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-driver_\&_support_assistantIntel(R) DSA
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-31256
Matching Score-4
Assigner-SUSE
ShareView Details
Matching Score-4
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.13% / 32.38%
||
7 Day CHG~0.00%
Published-26 Oct, 2022 | 08:55
Updated-09 May, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
sendmail: mail to root privilege escalation via sm-client.pre script

A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1.

Action-Not Available
Vendor-SUSEopenSUSE
Product-factoryopenSUSE Factory
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2026-21240
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.39%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 17:51
Updated-13 Feb, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows HTTP.sys Elevation of Privilege Vulnerability

Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_22h2windows_11_24h2windows_11_23h2windows_10_1809windows_server_2022windows_server_2025windows_11_25h2windows_server_2022_23h2windows_server_2019Windows Server 2025Windows Server 2022Windows 11 Version 26H1Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows 11 Version 23H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows 10 Version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows 10 Version 22H2Windows 11 version 26H1Windows 11 Version 25H2Windows Server 2019
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2022-31219
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
ShareView Details
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
CVSS Score-7.3||HIGH
EPSS-0.04% / 12.14%
||
7 Day CHG~0.00%
Published-15 Jun, 2022 | 18:48
Updated-23 Apr, 2025 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Drive Composer Link Following Local Privilege Escalation Vulnerability

Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.

Action-Not Available
Vendor-ABB
Product-drive_composerautomation_buildermint_workbenchMint WorkBenchDrive Composer entryABB Automation BuilderDrive Composer pro
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-36304
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.87%
||
7 Day CHG-0.01%
Published-10 Jun, 2024 | 21:21
Updated-16 Jun, 2025 | 20:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-apex_oneTrend Micro Apex OneTrend Micro Apex One as a Service
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-35261
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.52%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 17:02
Updated-09 Dec, 2025 | 23:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Network Watcher VM Extension Elevation of Privilege Vulnerability

Azure Network Watcher VM Extension Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_network_watcher_agentAzure Network Watcher VM Extension
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2020-9901
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.16%
||
7 Day CHG~0.00%
Published-22 Oct, 2020 | 18:03
Updated-04 Aug, 2024 | 10:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. A local attacker may be able to elevate their privileges.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_ostvosmac_os_xipadostvOSmacOSiOS
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2026-20809
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.82%
||
7 Day CHG+0.01%
Published-13 Jan, 2026 | 17:56
Updated-13 Feb, 2026 | 20:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Memory Elevation of Privilege Vulnerability

Time-of-check time-of-use (toctou) race condition in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_10_21h2windows_10_22h2windows_server_2022_23h2windows_server_2025windows_10_1809windows_server_2022windows_11_24h2windows_10_1607windows_server_2019windows_11_23h2windows_11_25h2windows_server_2012Windows Server 2025Windows 11 Version 23H2Windows 10 Version 1809Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows Server 2012 R2Windows 10 Version 21H2Windows 11 Version 25H2Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-3037
Matching Score-4
Assigner-PaperCut Software Pty Ltd
ShareView Details
Matching Score-4
Assigner-PaperCut Software Pty Ltd
CVSS Score-7.8||HIGH
EPSS-0.12% / 30.66%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 00:12
Updated-27 Jan, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary File Deletion in PaperCut NG/MF Web Print

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server. Important: In most installations, this risk is mitigated by the default Windows Server configuration, which typically restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log in to the local console of the Windows environment hosting the PaperCut NG/MF application server. Note: This CVE has been split into two separate CVEs (CVE-2024-3037 and CVE-2024-8404) and it’s been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard users on the host server.

Action-Not Available
Vendor-PaperCut Software Pty LtdMicrosoft Corporation
Product-papercut_ngwindowspapercut_mfPaperCut NG, PaperCut MFpapercut_mfpapercut_ng
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-552
Files or Directories Accessible to External Parties
CVE-2024-30377
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.02%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 20:05
Updated-03 Jan, 2025 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
G DATA Total Security Scan Server Link Following Local Privilege Escalation Vulnerability

G DATA Total Security Scan Server Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the G DATA AntiVirus Scan Server. By creating a symbolic link, an attacker can abuse the service to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23381.

Action-Not Available
Vendor-gdata-softwareG DATAgdata-software
Product-total_securityTotal Securitytotal_security
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-30018
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.53% / 66.85%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 16:57
Updated-27 Aug, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_22h2windows_10_21h2windows_server_2022_23h2windows_11_21h2windows_10_1809windows_server_2022windows_11_22h2windows_server_2019windows_11_23h2Windows 11 Version 23H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows 11 version 22H3Windows 11 version 21H2Windows 10 Version 1809Windows 11 version 22H2
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2011-3618
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.10%
||
7 Day CHG~0.00%
Published-12 Nov, 2019 | 14:25
Updated-06 Aug, 2024 | 23:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

atop: symlink attack possible due to insecure tempfile handling

Action-Not Available
Vendor-atop_projectatopDebian GNU/Linux
Product-atopdebian_linuxatop
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-30463
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.25%
||
7 Day CHG~0.00%
Published-08 Apr, 2021 | 13:54
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VestaCP through 0.9.8-24 allows attackers to gain privileges by creating symlinks to files for which they lack permissions. After reading the RKEY value from user.conf under the /usr/local/vesta/data/users/admin directory, the admin password can be changed via a /reset/?action=confirm&user=admin&code= URI. This occurs because chmod is used unsafely.

Action-Not Available
Vendor-vestacpn/a
Product-control_paneln/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-28137
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.60%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 08:10
Updated-23 Jan, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PHOENIX CONTACT: privilege escalation due to a TOCTOU vulnerability in the CHARX Series

A local attacker with low privileges can perform a privilege escalation with an init script due to a TOCTOU vulnerability.

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-charx_sec-3150_firmwarecharx_sec-3050charx_sec-3000_firmwarecharx_sec-3100_firmwarecharx_sec-3100charx_sec-3000charx_sec-3150charx_sec-3050_firmwareCHARX SEC-3050CHARX SEC-3000CHARX SEC-3150CHARX SEC-3100charx_sec_3150charx_sec_3050charx_sec_3100charx_sec_3000
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-26238
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.60% / 68.90%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 16:57
Updated-03 May, 2025 | 00:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability

Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_22h2windows_10_21h2Windows 10 Version 21H2Windows 10 Version 22H2
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-26199
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.22% / 44.57%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 16:57
Updated-03 May, 2025 | 00:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Office Elevation of Privilege Vulnerability

Microsoft Office Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-365_appsMicrosoft 365 Apps for Enterprise
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2020-9452
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.22%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 11:21
Updated-04 Aug, 2024 | 10:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe includes functionality to quarantine files by copying a suspected ransomware file from one directory to another using SYSTEM privileges. Because unprivileged users have write permissions in the quarantine folder, it is possible to control this privileged write with a hardlink. This means that an unprivileged user can write/overwrite arbitrary files in arbitrary folders. Escalating privileges to SYSTEM is trivial with arbitrary writes. While the quarantine feature is not enabled by default, it can be forced to copy the file to the quarantine by communicating with anti_ransomware_service.exe through its REST API.

Action-Not Available
Vendor-n/aAcronis (Acronis International GmbH)
Product-true_image_2020n/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-43067
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.27%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 10:15
Updated-20 Aug, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Camera

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pwsa8832_firmwaresa8195psnapdragon_xr2_5g_platformvideo_collaboration_vc1_platformwsa8810_firmwarewsa8835sxr2130qcs610_firmwareqam8295pqca6696fastconnect_7800sdx55_firmwarewcn3660bqca6391wsa8830sa8155pwsa8832sw5100sa8155p_firmwarefastconnect_6800sa6150p_firmwarewcn3988_firmwaresnapdragon_865_5g_mobile_platform_firmwareqca6426_firmwarevideo_collaboration_vc1_platform_firmwarewsa8835_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresa8295p_firmwaresd865_5g_firmwarewcn3660b_firmwaresa6155p_firmwaresa6145pqcs410_firmwarewcd9385qca6696_firmwaresa8530pwcd9385_firmwarewcn3680b_firmwaresnapdragon_xr2_5g_platform_firmwarevideo_collaboration_vc3_platform_firmwarec-v2x_9150_firmwaresxr2250pwcn3680bsdm429wqca6426sa8145pqcs610wcn3950_firmwaresa6150pqca6436sxr2230p_firmwaresa8530p_firmwarewcd9370_firmwaresxr2250p_firmwaresnapdragon_865_5g_mobile_platformwcd9370qca6574au_firmwarewsa8815sdm429w_firmwaresa8295pwcd9341qsm8250_firmwaresa6145p_firmwarewsa8810qca6436_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwarewcd9380sxr2130_firmwarec-v2x_9150fastconnect_6800_firmwarewsa8815_firmwarefastconnect_6900_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresw5100p_firmwareqca6391_firmwaresa8540p_firmwaresnapdragon_429_mobile_platform_firmwaresa8150p_firmwareqcn9074video_collaboration_vc3_platformsw5100_firmwarewcn3980_firmwaresd865_5gsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwareqam8295p_firmwarefastconnect_7800_firmwaresnapdragon_429_mobile_platformsnapdragon_w5\+_gen_1_wearable_platform_firmwarewcn3620snapdragon_w5\+_gen_1_wearable_platformwcn3980sa8145p_firmwareqca6574auwcn3988snapdragon_8_gen_1_mobile_platformqcn9074_firmwaresa8150pfastconnect_6900wcn3620_firmwareqsm8250snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)sa9000psxr2230psdx55wcd9341_firmwaresa9000p_firmwaresa8195p_firmwaresa6155psnapdragon_x55_5g_modem-rf_systemwcn3950wcd9380_firmwareqcs410wsa8830_firmwaresa8540pSnapdragon
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2022-2897
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.69%
||
7 Day CHG~0.00%
Published-31 Aug, 2022 | 20:54
Updated-16 Apr, 2025 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Measuresoft ScadaPro Server and Client Link Following

Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow privilege escalation..

Action-Not Available
Vendor-measuresoftMeasuresoft
Product-scadapro_clientscadapro_serverScadaPro Server and Client
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 6
  • 7
  • Next
Details not found