Lucene search
K

43 matches found

Cvelist
Cvelist
added yesterday10 views

CVE-2026-61371

Microsoft AVML before 0.17.0 could follow a symlink when opening a destination output path on Unix, allowing truncation/overwrite of the symlink target. The destructive effect is performed at open-time via OTRUNC, and can happen before full input validation completes “truncation-before-validation...

Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 days ago6 views

CVE-2026-59674

A UNIX Symbolic Link Symlink Following vulnerability in openSUSE Tumbleweed suricata package allows the suricata user to escalate to root. This issue affects openSUSE Tumbleweed: from ? before 8.0.5-2.1; openSUSE Tumbleweed: from ? before 8.0.5-2.1...

8.5CVSS6.1AI score0.00129EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/13 5:13 p.m.6 views

UNIX Symbolic Link (Symlink) Following

Overview github.com/opencontainers/runc/libcontainer is a package for a modern container runtime. Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following in setupPtmx and setupDevSymlinks, which enable file deletion via calls to os.Remove and os.Symlink. An attack...

4.8CVSS5.5AI score0.00222EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 5:52 p.m.10 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup due to the switching from GetResourcePath and to createIfNotExists method that has no absolute path checks. An attacker can create empty files or directories at arbitrary...

6.1CVSS5.9AI score0.00108EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/10 12:30 a.m.11 views

EUVD-2026-21080

A UNIX Symbolic Link Symlink Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root which will lead to a complete compromise of the system. When after a user has performed a specific 'file lin...

7.3CVSS5.9AI score0.00129EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/27 5:9 p.m.55 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following through the use of a predictable temporary file path in the screenshot handling process. An attacker can cause truncation and ownership changes of arbitrary files by pre-placing symlinks in the /tmp...

7.8CVSS6AI score0.0035EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2026/03/26 6:51 a.m.142 views

Exploit for UNIX Symbolic Link Following in Fortinet Forticlient

Fortinet FortiClient Exploit CVE-2026-24018 Fully Working E...

7.8CVSS7AI score0.00228EPSS
Exploits1
NVD
NVD
added 2026/03/10 6:18 p.m.8 views

CVE-2026-24018

A UNIX symbolic link Symlink following vulnerability in Fortinet FortiClientLinux 7.4.0 through 7.4.4, FortiClientLinux 7.2.2 through 7.2.12 may allow a local and unprivileged user to escalate their privileges to root...

7.8CVSS0.00228EPSS
Exploits1References1
NVD
NVD
added 2026/01/23 9:15 p.m.12 views

CVE-2026-1386

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

6CVSS0.00195EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.16 views

Firecracker security vulnerability

Firecracker is a microvirtual machine open source project developed by firecracker-microvm, designed for serverless computing. Firecracker versions 1.13.1 and earlier, as well as version 1.14.0, have security vulnerabilities. These vulnerabilities stem from issues with UNIX symbolic link handling...

6CVSS5.8AI score0.00195EPSS
Exploits0References4
Snyk
Snyk
added 2026/01/21 10:40 p.m.5 views

UNIX Symbolic Link (Symlink) Following

Overview @backstage/backend-plugin-api is a Core API used by Backstage backend plugins Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following in the resolveSafeChildPath function, which relies on resolveRealPath. An attacker can access sensitive files outside the...

7CVSS5.7AI score0.0043EPSS
Exploits0References3
OSV
OSV
added 2025/10/13 3:16 p.m.3 views

CVE-2025-43991

SupportAssist for Home PCs versions 4.8.2 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain an UNIX Symbolic Link Symlink following vulnerability. A low privileged attacker with local access to the system could potentially exploit this vulnerability to delete arbitrar...

7.1CVSS5.9AI score0.00122EPSS
Exploits0References1
NVD
NVD
added 2025/10/13 3:16 p.m.6 views

CVE-2025-43991

SupportAssist for Home PCs versions 4.8.2 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain an UNIX Symbolic Link Symlink following vulnerability. A low privileged attacker with local access to the system could potentially exploit this vulnerability to delete arbitrar...

7.1CVSS0.00122EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/13 2:30 p.m.2 views

CVE-2025-43991

SupportAssist for Home PCs versions 4.8.2 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain an UNIX Symbolic Link Symlink following vulnerability. A low privileged attacker with local access to the system could potentially exploit this vulnerability to delete arbitrar...

6.3CVSS6.1AI score0.00122EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-8582

Malware in sbrugna...

5.5CVSS7.4AI score0.0038EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-8579

Malware in sbrugna...

7.8CVSS7.4AI score0.00482EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-26954

Malware in sbrugna...

6.1CVSS6.3AI score0.00649EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-18868

Malware in sbrugna...

7.8CVSS7.6AI score0.00339EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-1940

Malware in sbrugna...

4.6CVSS6.1AI score0.00378EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2025/10/02 1:51 p.m.3 views

CVE-2025-53881

A UNIX Symbolic Link Symlink Following vulnerability in logrotate config in the exim package allowed privilege escalation from mail user/group to root.This issue affects Tumbleweed: from ? before 4.98.2-lp156.248.1...

6.9CVSS5.3AI score0.00157EPSS
Exploits0
Rows per page
Query Builder