67 matches found
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following in the CRI checkpoint restore plugin due to improper validation of symlinked paths. An attacker can access arbitrary files on the host by crafting a malicious checkpoint image and leveraging the...
Exploit for UNIX Symbolic Link Following in Litespeedtech Litespeed_Cpanel_Plugin
cve-id ⚡ Simple Usage Use this project only in safe and...
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following in setupPtmx and setupDevSymlinks, which enable file deletion via calls to os.Remove and os.Symlink. An attacker who supplies a container image whose /dev is a symlink can redirect these operations...
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup before subsequent mount syscall. An attacker can overwrite arbitrary files on the host or cause denial of service by exploiting a race condition where a symlink is create...
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup due to the switching from GetResourcePath and to createIfNotExists method that has no absolute path checks. An attacker can create empty files or directories at arbitrary...
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following via the WebDAV backend process. An attacker can access and modify files outside the intended directory by exploiting symbolic links that point outside the designated root. This is only exploitable if...
UNIX Symbolic Link (Symlink) Following
Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink...
PT-2026-31745
A UNIX Symbolic Link Symlink Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root which will lead to a complete compromise of the system. When after a user has performed a specific 'file lin...
UNIX Symbolic Link (Symlink) Following
Overview liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following through the include, render, and layout directories, when symlinks are placed within a trusted...
Security Advisory 0135
Security Advisory 0135 PDF Date: April 7, 2026 Revision | Date | Changes ---|---|--- 1.0 | April 7th, 2026 | Initial release 1.1 | April 28th, 2026 | Correction to fixed releases fixed in 4.32.10, not 4.32.9 The CVE-ID tracking this issue: CVE-2025-31133 CVSSv3.1 Base Score: 7.8/10...
CVE-2026-22767
Dell AppSync, versions 4.6.0, contains an UNIX Symbolic Link Symlink Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...
EUVD-2026-17871
Dell AppSync, versions 4.6.0, contains an UNIX Symbolic Link Symlink Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...
CVE-2026-22767
Dell AppSync, versions 4.6.0, contains an UNIX Symbolic Link Symlink Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...
CVE-2026-22767
Dell AppSync, versions 4.6.0, contains an UNIX Symbolic Link Symlink Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...
CVE-2026-22767
Dell AppSync 4.6.0 is affected by a UNIX symbolic link (symlink) following vulnerability. A low-privileged local attacker could potentially exploit this to tamper information. Root cause details are not explicitly provided beyond the symlink following descriptor in the sources. Remediation/patch/...
CVE-2026-22767
Dell AppSync, versions 4.6.0, contains an UNIX Symbolic Link Symlink Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...
UNIX Symbolic Link (Symlink) Following
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following via the agents.create and agents.update processes. An attacker can append arbitrary content to files outside the intended workspace by planting a...
EUVD-2025-34066
SupportAssist for Home PCs versions 4.8.2 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain an UNIX Symbolic Link Symlink following vulnerability. A low privileged attacker with local access to the system could potentially exploit this vulnerability to delete arbitrar...
PT-2025-41788
Name of the Vulnerable Software and Affected Versions SupportAssist for Home PCs versions 4.8.2 and prior SupportAssist for Business PCs versions 4.5.3 and prior Description The software contains a UNIX Symbolic Link Symlink following issue. A local attacker with limited privileges could...
EUVD-2019-8578
Malware in sbrugna...