110 matches found
USN-8294-1: PostgreSQL vulnerabilities
It was discovered that PostgreSQL did not correctly enforce authorization for CREATE TYPE. An attacker could possibly use this issue to execute arbitrary SQL functions. CVE-2026-6472 It was discovered that PostgreSQL incorrectly handled large user input in multiple server features. An attacker...
EUVD-2026-30934
An issue was discovered in the Portrait Dell Color Management application before 3.7.0 for Dell monitors. On Windows, a symbolic link vulnerability allows a local low-privileged user to escalate privileges to Administrator. During installation, the software writes the file CCFLFamily07Feb11.edr t...
golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...
CVE-2026-24018
A UNIX symbolic link Symlink following vulnerability in Fortinet FortiClientLinux 7.4.0 through 7.4.4, FortiClientLinux 7.2.2 through 7.2.12 may allow a local and unprivileged user to escalate their privileges to root...
CVE-2025-69431
The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Sam...
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following via the mishandling of symlink destinations while evaluating template repos. An attacker can write to unintended files and potentially gain shell access on the server by creating out-of-repository...
Dell SupportAssist Privilege Escalation (DSA-2025-445)
The remote Windows host contains an installation of Dell SupportAssist that is affected by an elevation of privilege vulnerability: - Dell SupportAssist for Home PCs versions 4.8.2.29006 and prior and Dell SupportAssist for Business PCs versions 4.9.0.40943 and prior contain a UNIX Symbolic Link...
EUVD-2018-12210
Malware in sbrugna...
EUVD-2019-15763
Malware in sbrugna...
EUVD-2018-12212
Malware in sbrugna...
EUVD-2002-1485
Malware in sbrugna...
EUVD-2018-17008
Malware in sbrugna...
EUVD-2003-0865
Malware in sbrugna...
EUVD-2018-12213
Malware in sbrugna...
EUVD-2020-21039
Malware in sbrugna...
Unity Linux 20.1070e Security Update: rpm (UTSA-2025-680609)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680609 advisory. A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use...
EUVD-2022-35522
Malicious code in bioql PyPI...
EUVD-2024-54469
Malicious code in bioql PyPI...
EUVD-2024-19620
Malicious code in bioql PyPI...
EUVD-2024-48836
Malicious code in bioql PyPI...