67 matches found

Snyk
added 2026/06/19 7:35 p.m. | 5 views

UNIX Symbolic Link (Symlink) Following

Overview: Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink) Following in the CRI checkpoint restore plugin due to improper validation of symlinked paths. An attacker can access arbitrary files on the host by crafting a malicious checkpoint image and leveraging the...

CVSS 8.2 | AI score 6 | EPSS 0.00208
Exploits 0 | References 2
GithubExploit
added 2026/06/16 6:09 a.m. | 65 views

Exploit for UNIX Symbolic Link Following in Litespeedtech Litespeed_Cpanel_Plugin

cve-id ⚡ Simple Usage Use this project only in safe and...

CVSS 8.7 | AI score 5.5 | EPSS 0.03847
Exploits 15
Snyk
added 2026/06/13 5:13 p.m. | 4 views

UNIX Symbolic Link (Symlink) Following

Overview: Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink) Following in setupPtmx and setupDevSymlinks, which enable file deletion via calls to os.Remove and os.Symlink. An attacker who supplies a container image whose /dev is a symlink can redirect these operations...

CVSS 4.8 | AI score 5.5 | EPSS 0.00222
Exploits 0 | References 2
Snyk
added 2026/05/18 5:53 p.m. | 8 views

UNIX Symbolic Link (Symlink) Following

Overview: Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink) Following during docker cp mount setup before subsequent mount syscall. An attacker can overwrite arbitrary files on the host or cause denial of service by exploiting a race condition where a symlink is create...

CVSS 7.2 | AI score 5.9 | EPSS 0.00104
Exploits 0 | References 2
Snyk
added 2026/05/18 5:52 p.m. | 80 views

UNIX Symbolic Link (Symlink) Following

Overview: Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink) Following during docker cp mount setup due to the switching from GetResourcePath and to createIfNotExists method that has no absolute path checks. An attacker can create empty files or directories at arbitrary...

CVSS 6.1 | AI score 5.9 | EPSS 0.00108
Exploits 0 | References 2
Snyk
added 2026/04/25 11:34 p.m. | 7 views

UNIX Symbolic Link (Symlink) Following

Overview: Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink) Following via the WebDAV backend process. An attacker can access and modify files outside the intended directory by exploiting symbolic links that point outside the designated root. This is only exploitable if...

CVSS 9.1 | AI score 5.8 | EPSS 0.0033
Exploits 0 | References 3
Snyk
added 2026/04/21 6:51 p.m. | 4 views

UNIX Symbolic Link (Symlink) Following

Overview: @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink)...

CVSS 10 | AI score 6.4 | EPSS 0.00518
Exploits 0 | References 3
Positive Technologies
added 2026/04/09 12:00 a.m. | 9 views

PT-2026-31745

A UNIX Symbolic Link (Symlink) Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root which will lead to a complete compromise of the system. When after a user has performed a specific 'file lin...

CVSS 7.3 | AI score 5.9 | EPSS 0.00129
Exploits 0 | References 2
Snyk
added 2026/04/08 3:03 p.m. | 3 views

UNIX Symbolic Link (Symlink) Following

Overview: liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink) Following through the include, render, and layout directories, when symlinks are placed within a trusted...

CVSS 8.2 | AI score 5.8 | EPSS 0.00396
Exploits 1 | References 2
Arista
added 2026/04/07 12:00 a.m. | 32 views

Security Advisory 0135

Security Advisory 0135 PDF
Date: April 7, 2026

Revision | Date | Changes
---|---|---
1.0 | April 7th, 2026 | Initial release
1.1 | April 28th, 2026 | Correction to fixed releases fixed in 4.32.10, not 4.32.9

The CVE-ID tracking this issue: CVE-2025-31133
CVSSv3.1 Base Score: 7.8/10...

CVSS 8.4 | AI score 7.1 | EPSS 0.00673
Exploits 4
RedhatCVE
added 2026/04/02 4:56 p.m. | 7 views

CVE-2026-22767

Dell AppSync, versions 4.6.0, contains an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

CVSS 7.3 | AI score 5.9 | EPSS 0.00165
Exploits 0 | References 1
EUVD
added 2026/04/01 3:31 p.m. | 5 views

EUVD-2026-17871

Dell AppSync, versions 4.6.0, contains an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

CVSS 7.3 | AI score 5.9 | EPSS 0.00165
Exploits 0 | References 2
NVD
added 2026/04/01 1:16 p.m. | 8 views

CVE-2026-22767

Dell AppSync, versions 4.6.0, contains an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

CVSS 7.3 | EPSS 0.00165
Exploits 0 | References 1
Cvelist
added 2026/04/01 12:07 p.m. | 29 views

CVE-2026-22767

Dell AppSync, versions 4.6.0, contains an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

CVSS 7.3 | EPSS 0.00165
Exploits 0 | References 1
CVE
added 2026/04/01 12:07 p.m. | 16 views

CVE-2026-22767

Dell AppSync 4.6.0 is affected by a UNIX symbolic link (symlink) following vulnerability. A low-privileged local attacker could potentially exploit this to tamper information. Root cause details are not explicitly provided beyond the symlink following descriptor in the sources. Remediation/patch/...

CVSS 7.3 | AI score 5.9 | EPSS 0.00165
Exploits 0 | References 1 | Affected Software 1
Vulnrichment
added 2026/04/01 12:07 p.m. | 3 views

CVE-2026-22767

Dell AppSync, versions 4.6.0, contains an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

CVSS 7.3 | AI score 5.9 | EPSS 0.00165
Exploits 0 | References 1
Snyk
added 2026/03/26 9:49 p.m. | 4 views

UNIX Symbolic Link (Symlink) Following

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink) Following via the agents.create and agents.update processes. An attacker can append arbitrary content to files outside the intended workspace by planting a...

CVSS 7.8 | AI score 6 | EPSS 0.00324
Exploits 1 | References 2
EUVD
added 2025/10/13 2:30 p.m. | 5 views

EUVD-2025-34066

SupportAssist for Home PCs versions 4.8.2 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain an UNIX Symbolic Link (Symlink) following vulnerability. A low privileged attacker with local access to the system could potentially exploit this vulnerability to delete arbitrar...

CVSS 6.3 | AI score 6 | EPSS 0.00119
Exploits 0 | References 2
Positive Technologies
added 2025/10/13 12:00 a.m. | 6 views

PT-2025-41788

Name of the Vulnerable Software and Affected Versions: SupportAssist for Home PCs versions 4.8.2 and prior; SupportAssist for Business PCs versions 4.5.3 and prior. Description: The software contains a UNIX Symbolic Link (Symlink) following issue. A local attacker with limited privileges could...

CVSS 6.3 | AI score 6.4 | EPSS 0.00119
Exploits 0 | References 4
EUVD
added 2025/10/07 12:30 a.m. | 12 views

EUVD-2019-8578

Malware in sbrugna...

CVSS 8.4 | AI score 8.6 | EPSS 0.00386
Exploits 0 | References 4