Total
1092 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-3618 | 2 Atop Project, Debian | 2 Atop, Debian Linux | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
atop: symlink attack possible due to insecure tempfile handling | |||||
CVE-2019-18575 | 1 Dell | 1 Command\|configure | 2024-02-04 | 6.6 MEDIUM | 7.1 HIGH |
Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system. | |||||
CVE-2011-5271 | 1 Clusterlabs | 1 Pacemaker | 2024-02-04 | 3.3 LOW | 5.5 MEDIUM |
Pacemaker before 1.1.6 configure script creates temporary files insecurely | |||||
CVE-2008-7273 | 1 Getfiregpg | 1 Iceweasel-firegpg | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling. | |||||
CVE-2019-18466 | 1 Libpod Project | 1 Libpod | 2024-02-04 | 5.8 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Podman in libpod before 1.6.0. It resolves a symlink in the host context during a copy operation from the container to the host, because an undesired glob operation occurs. An attacker could create a container image containing particular symlinks that, when copied by a victim user to the host filesystem, may overwrite existing files with others from the host. | |||||
CVE-2019-11481 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-02-04 | 6.1 MEDIUM | 7.8 HIGH |
Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences. | |||||
CVE-2019-16896 | 1 K7computing | 1 K7 Ultimate Security | 2024-02-04 | 2.1 LOW | 7.8 HIGH |
In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality. | |||||
CVE-2019-11251 | 1 Kubernetes | 1 Kubernetes | 2024-02-04 | 4.3 MEDIUM | 5.7 MEDIUM |
The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be used to allow an attacker to place a nefarious file using a symlink, outside of the destination tree. | |||||
CVE-2013-1866 | 2 Apple, Opensc Project | 2 Mac Os X, Opensc | 2024-02-04 | 6.3 MEDIUM | 6.1 MEDIUM |
OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability | |||||
CVE-2011-2924 | 3 Debian, Fedoraproject, Linuxfoundation | 3 Debian Linux, Fedora, Foomatic-filters | 2024-02-04 | 3.3 LOW | 5.5 MEDIUM |
foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. | |||||
CVE-2019-18932 | 2 Opensuse, Squid Analysis Report Generator Project | 3 Backports Sle, Leap, Squid Analysis Report Generator | 2024-02-04 | 4.4 MEDIUM | 7.0 HIGH |
log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and place symlinks in it (after winning a /tmp/sarg/denied.int_unsort race condition). The outcome will be corrupted or newly created files in privileged file system locations. | |||||
CVE-2011-3632 | 3 Debian, Hardlink Project, Redhat | 3 Debian Linux, Hardlink, Enterprise Linux | 2024-02-04 | 3.6 LOW | 7.1 HIGH |
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks. | |||||
CVE-2011-1136 | 2 Debian, Tesseract Project | 2 Debian Linux, Tesseract | 2024-02-04 | 6.3 MEDIUM | 4.7 MEDIUM |
In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file. | |||||
CVE-2019-18658 | 1 Helm | 1 Helm | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc/passwd, or to execute a denial of service (DoS) via a special file such as /dev/urandom, via symlinks. No version of Tiller is known to be impacted. This is a client-only issue. | |||||
CVE-2010-0398 | 1 Autokey Project | 1 Autokey | 2024-02-04 | 5.5 MEDIUM | 6.5 MEDIUM |
The init script in autokey before 0.61.3-2 allows local attackers to write to arbitrary files via a symlink attack. | |||||
CVE-2019-18232 | 2 Gemalto, Microsoft | 2 Sentinel Ldk License Manager, Windows | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
SafeNet Sentinel LDK License Manager, all versions prior to 7.101(only Microsoft Windows versions are affected) is vulnerable when configured as a service. This vulnerability may allow an attacker with local access to create, write, and/or delete files in system folder using symbolic links, leading to a privilege escalation. This vulnerability could also be used by an attacker to execute a malicious DLL, which could impact the integrity and availability of the system. | |||||
CVE-2019-15627 | 2 Microsoft, Trendmicro | 2 Windows, Deep Security | 2024-02-04 | 6.6 MEDIUM | 7.1 HIGH |
Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected. | |||||
CVE-2020-5324 | 1 Dell | 226 G3 15 3590, G3 15 3590 Firmware, G3 3579 and 223 more | 2024-02-04 | 2.6 LOW | 4.4 MEDIUM |
Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers. | |||||
CVE-2019-3693 | 2 Opensuse, Suse | 4 Backports Sle, Leap, Linux Enterprise Server and 1 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to group mailman. This issue affects: SUSE Linux Enterprise Server 11 mailman versions prior to 2.1.15-9.6.15.1. SUSE Linux Enterprise Server 12 mailman versions prior to 2.1.17-3.11.1. openSUSE Leap 15.1 mailman version 2.1.29-lp151.2.14 and prior versions. | |||||
CVE-2019-3694 | 2 Opensuse, Suse | 4 Factory, Leap, Munin and 1 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1 and prior versions. |