Total
1383 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-35353 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2025-01-01 | 7.8 High |
| Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | ||||
| CVE-2023-35342 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-01-01 | 7.8 High |
| Windows Image Acquisition Elevation of Privilege Vulnerability | ||||
| CVE-2023-35320 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2025-01-01 | 7.8 High |
| Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | ||||
| CVE-2023-32050 | 1 Microsoft | 1 Windows Server 2008 | 2025-01-01 | 7 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2023-32012 | 1 Microsoft | 4 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 1 more | 2025-01-01 | 7.8 High |
| Windows Container Manager Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-21722 | 1 Microsoft | 22 .net Framework, Windows 10 1507, Windows 10 1511 and 19 more | 2025-01-01 | 5 Medium |
| .NET Framework Denial of Service Vulnerability | ||||
| CVE-2023-21567 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 | 2025-01-01 | 5.6 Medium |
| Visual Studio Denial of Service Vulnerability | ||||
| CVE-2023-21760 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-01 | 7.1 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2023-21725 | 1 Microsoft | 1 Windows Malicious Software Removal Tool | 2025-01-01 | 6.3 Medium |
| Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability | ||||
| CVE-2023-21678 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2025-01-01 | 7.8 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2023-21542 | 1 Microsoft | 9 Windows 10 1607, Windows 7, Windows 8.1 and 6 more | 2025-01-01 | 7 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2024-43470 | 1 Microsoft | 1 Azure Network Watcher Agent | 2024-12-31 | 7.3 High |
| Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | ||||
| CVE-2024-38188 | 1 Microsoft | 1 Azure Network Watcher Agent | 2024-12-31 | 7.1 High |
| Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | ||||
| CVE-2024-52050 | 1 Trendmicro | 2 Apexone Op, Apexone Saas | 2024-12-31 | 7.8 High |
| A LogServer arbitrary file creation vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2024-7234 | 1 Avg | 2 Anti-virus, Antivirus | 2024-12-19 | 7.8 High |
| AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22260. | ||||
| CVE-2024-7235 | 1 Avg | 1 Antivirus | 2024-12-19 | 5.5 Medium |
| AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to create a folder. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. . Was ZDI-CAN-22803. | ||||
| CVE-2024-7236 | 1 Avg | 1 Antivirus | 2024-12-19 | 5.5 Medium |
| AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Installer. By creating a symbolic link, an attacker can abuse the update functionality to create a file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system. Was ZDI-CAN-22942. | ||||
| CVE-2024-7237 | 1 Avg | 2 Anti-virus, Antivirus | 2024-12-19 | 7.8 High |
| AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to delete a folder. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22960. | ||||
| CVE-2023-43078 | 1 Dell | 699 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 696 more | 2024-12-19 | 6.7 Medium |
| Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service. | ||||
| CVE-2024-56074 | 2024-12-16 | 5.5 Medium | ||
| gitingest before 9996a06 mishandles symbolic links that point outside of the base directory. | ||||