CVE-2024-31954

HIGH Year: 2024
CVSS v3 Score
7.3
High
Weakness Type
CWE-538
View all →

Vulnerability Description

An issue was discovered in the installer in Samsung Portable SSD for T5 1.6.10 on Windows. Because it is possible to tamper with the directory and DLL files used during the installation process, an attacker can escalate privileges through arbitrary code execution. (An attacker must already have user privileges)

Related Vulnerabilities

CVE-2016-10399

HIGH
CVSS:7.5(High)

Sendio versions before 8.2.1 were affected by a Local File Inclusion vulnerability that allowed an unauthenticated, remote attacker to read potentially sensitive system files via a specially crafted U...

CWE-5382016

CVE-2019-6851

HIGH
CVSS:7.5(High)

A CWE-538: File and Directory Information Exposure vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions), which could cause the disclosure of in...

CWE-5382019

CVE-2022-44623

HIGH
CVSS:7.5(High)

In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings

CWE-5382022

CVE-2023-46723

HIGH
CVSS:7.5(High)

lte-pic32-writer is a writer for PIC32 devices. In versions 0.0.1 and prior, those who use `sendto.txt` are vulnerable to attackers who known the IMEI reading the sendto.txt. The sendto.txt file can c...

CWE-5382023

CVE-2021-40363

HIGH
CVSS:7.8(High)

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions <...

CWE-5382021

CVE-2022-4318

HIGH
CVSS:7.8(High)

A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.

CWE-5382022