| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Link Following Local Privilege Escalation Vulnerability in System Speedup Service in Avira Operations GmbH Avira Prime Version 1.1.96.2 on Windows 10 x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack. |
| Link Following Local Privilege Escalation Vulnerability in TuneupSvc.exe in AVG TuneUp 24.2.16593.9844 on Windows allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging the service to delete a directory |
| A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0 could allow a local, low-privileged attacker to escalate privileges to SYSTEM. During an update, Docker Desktop attempts to delete files and subdirectories under the path C:\ProgramData\Docker\config with high privileges. However, this directory often does not exist by default, and C:\ProgramData\ allows normal users to create new directories. By creating a malicious Docker\config folder structure at this location, an attacker can force the privileged update process to delete or manipulate arbitrary system files, leading to Elevation of Privilege. |
| A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1. |
| Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges. |
| Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium) |
| Win32k Elevation of Privilege Vulnerability |
| Visual Studio Elevation of Privilege Vulnerability |
| Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability |
| Microsoft Azure File Sync Elevation of Privilege Vulnerability |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability |
| Xbox Gaming Services Elevation of Privilege Vulnerability |
| Windows Update Stack Elevation of Privilege Vulnerability |
| Microsoft Office Elevation of Privilege Vulnerability |
| NTFS Elevation of Privilege Vulnerability |
| Azure Monitor Agent Elevation of Privilege Vulnerability |
| Microsoft Brokering File System Elevation of Privilege Vulnerability |
| Windows File Server Resource Management Service Elevation of Privilege Vulnerability |
| Windows Telephony Server Elevation of Privilege Vulnerability |
