📄 OSK Registry-Based Privilege Escalation / Symlink Attack

The provided code is a conceptual Windows privilege escalation exploit targeting the On-Screen Keyboard osk.exe and Accessibility AT registry infrastructure. It attempts to abuse weak trust boundaries between user-level registry configuration and system-level execution paths...

CVE-2026-28778

International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the xd user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the xd user has write permissions to their home...

CVE-2026-28778

International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the xd user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the xd user has write permissions to their home...

PT-2026-22881

Name of the Vulnerable Software and Affected Versions International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver affected versions not specified Description The IDC SFX Series SuperFlex Satellite Receiver is affected by hardcoded, insecure credentials for the xd user accoun...

CVE-2021-47756

Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges. Attackers can edit the symlinked valet command to execute arbitrary code with root permissions without additional authentication...

CVE-2025-34290 Versa SASE Client for Windows < 7.9.5 Arbitrary Folder Deletion Leading to Local Privilege Escalation

Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating...

EUVD-2003-0474

Malware in sbrugna...

EUVD-2021-12172

Malware in sbrugna...

EUVD-2007-5939

Malware in sbrugna...

EUVD-2024-29810

Malicious code in bioql PyPI...

CVE-2025-4138

Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...

Parallels Desktop prl_disp_service Snapshots SymLink Change Ownership Privilege Escalation

Talos Vulnerability Report TALOS-2024-2123 Parallels Desktop prldispservice Snapshots SymLink Change Ownership Privilege Escalation June 3, 2025 CVE Number CVE-2024-52561 SUMMARY A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1...

CVE-2021-25261

Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process...

CVE-2019-19191

Shibboleth Service Provider SP 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user the shibd account after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow...

📄 tar-fs 3.0.0 Arbitrary File Write

tar-fs version 3.0.0 suffers from an arbitrary file write vulnerability. Exploit Title: tar-fs 3.0.0 - Arbitrary File Write/Overwrite Date: 17th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mafintosh/tar-fs Version: tar-fs 3.0.0 Tested on: Ubuntu CVE:...

CVE-2024-28185

Judge0 is an open-source online code execution system. The application does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox. When executing a submission, Judge0 writes a...

CVE-2024-3829 Arbitrary File Read and Write during Snapshot Recovery in qdrant/qdrant

qdrant/qdrant version 1.9.0-dev is vulnerable to arbitrary file read and write during the snapshot recovery process. Attackers can exploit this vulnerability by manipulating snapshot files to include symlinks, leading to arbitrary file read by adding a symlink that points to a desired file on the...

CVE-2024-3829 Arbitrary File Read and Write during Snapshot Recovery in qdrant/qdrant

qdrant/qdrant version 1.9.0-dev is vulnerable to arbitrary file read and write during the snapshot recovery process. Attackers can exploit this vulnerability by manipulating snapshot files to include symlinks, leading to arbitrary file read by adding a symlink that points to a desired file on the...

RHEL 6 : keepalived (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - keepalived: Heap-based buffer overflow when parsing HTTP status codes allows for denial of service or...

CVE-2022-28225

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process...