570 matches found

ATTACKERKB
added 2022/05/03 8:15 p.m. · 2 views

CVE-2022-20085

In netdiag, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308877; Issue ID: ALPS06308877...

CVSS 6.7 · AI score 6.7 · EPSS 0.0012
Exploits: 0 · References: 2

Tenable Nessus
added 2022/05/02 12:0 a.m. · 23 views

Debian DLA-2987-1 : libarchive - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2987 advisory. Three issues have been found in libarchive, a multi-format archive and compression library. CVE-2021-31566 symbolic links incorrectly followed when changing modes,...

CVSS 7.8 · AI score 6.8 · EPSS 0.00661
Exploits: 1 · References: 9

Tenable Nessus
added 2022/04/20 12:0 a.m. · 28 views

EulerOS 2.0 SP10 : libarchive (EulerOS-SA-2022-1509)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a...

CVSS 7.8 · AI score 6.7 · EPSS 0.00367
Exploits: 0 · References: 3

Tenable Nessus
added 2022/04/20 12:0 a.m. · 33 views

EulerOS 2.0 SP10 : libarchive (EulerOS-SA-2022-1490)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a...

CVSS 7.8 · AI score 6.7 · EPSS 0.00367
Exploits: 0 · References: 3

OpenVAS
added 2022/04/20 12:0 a.m. · 22 views

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2022-1490)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 · AI score 7.9 · EPSS 0.00367
Exploits: 0 · References: 2

OpenVAS
added 2022/04/20 12:0 a.m. · 22 views

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2022-1509)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 · AI score 7.9 · EPSS 0.00367
Exploits: 0 · References: 2

OpenVAS
added 2022/04/20 12:0 a.m. · 20 views

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2022-1451)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 · AI score 7.9 · EPSS 0.00367
Exploits: 0 · References: 2

Tenable Nessus
added 2022/04/18 12:0 a.m. · 23 views

EulerOS 2.0 SP9 : libarchive (EulerOS-SA-2022-1430)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a...

CVSS 7.8 · AI score 6.7 · EPSS 0.00367
Exploits: 0 · References: 3

Tenable Nessus
added 2022/04/18 12:0 a.m. · 30 views

EulerOS 2.0 SP9 : libarchive (EulerOS-SA-2022-1451)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a...

CVSS 7.8 · AI score 6.7 · EPSS 0.00367
Exploits: 0 · References: 3

Positive Technologies
added 2022/04/13 12:0 a.m. · 4 views

PT-2022-6620 · Trend Micro · Trend Micro Apex One +1

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One and Apex One as a Service affected versions not specified Description: A link following issue in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information. The...

CVSS 5.5 · AI score 5.7 · EPSS 0.00286
Exploits: 0 · References: 8

ATTACKERKB
added 2022/04/11 8:15 p.m. · 2 views

CVE-2022-20068

In mobilelogd, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308907; Issue ID: ALPS06308907...

CVSS 6.7 · AI score 6.7 · EPSS 0.0012
Exploits: 0 · References: 2

OSV
added 2022/04/11 8:15 p.m. · 2 views

CVE-2022-20068

In mobilelogd, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308907; Issue ID: ALPS06308907...

CVSS 6.7 · AI score 6.7
Exploits: 0 · References: 1

CNNVD
added 2022/04/11 12:0 a.m. · 4 views

Link following vulnerability in multiple MediaTek products

MediaTek chips are a variety of chips from MediaTek, a division of China's MediaTek Mediatek. A security vulnerability exists in multiple MediaTek products that stems from incorrect link resolution in mobilelogd, which may result in symbolic links...

CVSS 6.7 · AI score 6.6 · EPSS 0.0012
Exploits: 0 · References: 2

Veracode
added 2022/04/10 10:49 p.m. · 35 views

Arbitrary File Write

libarchive is vulnerable to arbitrary file write. An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would...

CVSS 7.8 · AI score 3.3 · EPSS 0.00366
Exploits: 0 · References: 7 · Affected Software: 1

GitLab Advisory Database
added 2022/04/06 12:0 a.m. · 30 views

Improper Link Resolution Before File Access ('Link Following')

An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally...

CVSS 7.8 · AI score 5.3 · EPSS 0.00432
Exploits: 1 · References: 3 · Affected Software: 1

GitLab Advisory Database
added 2022/04/06 12:0 a.m. · 31 views

Improper Link Resolution Before File Access ('Link Following')

An issue was discovered in file profile.go in function MemProf in beego through 2.0.2, allows attackers to launch symlink attacks locally...

CVSS 7.8 · AI score 5.4 · EPSS 0.00432
Exploits: 1 · References: 3 · Affected Software: 1

GitLab Advisory Database
added 2022/04/06 12:0 a.m. · 34 views

Improper Link Resolution Before File Access ('Link Following')

An issue was discovered in file profile.go in function MemProf in beego through 2.0.2, allows attackers to launch symlink attacks locally...

CVSS 7.8 · AI score 5.4 · EPSS 0.00432
Exploits: 1 · References: 3 · Affected Software: 1

OpenVAS
added 2022/03/29 12:0 a.m. · 23 views

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2022-1353)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 · AI score 7.9 · EPSS 0.00367
Exploits: 0 · References: 2

Tenable Nessus
added 2022/03/28 12:0 a.m. · 30 views

EulerOS 2.0 SP8 : libarchive (EulerOS-SA-2022-1353)

According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of ...

CVSS 7.8 · AI score 6.7 · EPSS 0.00367
Exploits: 0 · References: 3

RedHat Linux
added 2022/03/15 10:25 a.m. · 4 views

libarchive: symbolic links incorrectly followed when changing modes, times, ACL and flags of a file while extracting an archive

An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. ...

CVSS 7.8 · AI score 7.2 · EPSS 0.00366
Exploits: 0 · References: 4