PT-2026-52539
Name of the Vulnerable Software and Affected Versions: File Browser versions prior to 2.63.16. Description: A scoped, non-admin user with only Create permission can delete arbitrary files outside their assigned scope, including other tenants' data and the application database. This occurs during the...
CVE-2026-52811 Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym
Gogs is an open source self-hosted Git service. Prior to 0.14.3, Repository.UploadRepoFiles checks for symlinks only on the leaf of the upload target (osx.IsSymlink(targetPath)). The siblings UpdateRepoFile, DeleteRepoFile, and GetDiffPreview use hasSymlinkInPath, which lstats every component —...
Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym
Summary: Repository.UploadRepoFiles checks for symlinks only on the leaf of the upload target (osx.IsSymlink(targetPath)). The siblings UpdateRepoFile, DeleteRepoFile, and GetDiffPreview use hasSymlinkInPath, which lstats every component — UploadRepoFiles is the lone outlier. An attacker with repo-wri...
CVE-2026-41001 Predictable Temp Directory in Artemis Auto-configuration
Spring Boot's ArtemisEmbeddedConfigurationFactory uses a fixed, static path for the embedded Artemis message broker's data directory when no explicit path is configured. A local attacker on the same host can pre-create this predictable directory or place a symlink before the application starts...
OPENSUSE-SU-2026:20942-1 Security update for apptainer
This update for apptainer fixes the following issues: Changes in apptainer: - Update apptainer to version v1.5.1 Security fix bsc1267982: Fix for CVE-2026-48785 / GHSA-cr2j-534f-mf3g. Incorrect path matching for limit container paths directive. This is only applicable to SUID installations that...
CVE-2026-28483
OpenClaw before 2026.3.2 is affected by a race condition in ZIP extraction. The vulnerability arises from a gap between path validation and file write operations in src/infra/archive.ts, allowing a local attacker to write files outside the intended extraction root by abusing parent-directory syml...
PT-2026-27225
Summary: ZIP extraction in OpenClaw could be raced into writing outside the intended destination directory via parent-directory symlink rebind between validation and write. Affected Packages / Versions: - Package: openclaw npm - Vulnerable versions: <= 2026.3.1 - Latest published vulnerable version...
CVE-2025-69430
An Incorrect Symlink Follow vulnerability exists in multiple Yottamaster NAS devices, including DM2 version equal to or prior to V1.9.12, DM3 version equal to or prior to V1.9.12, and DM200 version equal to or prior to V1.2.23 that could be exploited by attackers to leak or tamper with the intern...
PT-2026-5971
An Incorrect Symlink Follow vulnerability exists in multiple Yottamaster NAS devices, including DM2 version equal to or prior to V1.9.12, DM3 version equal to or prior to V1.9.12, and DM200 version equal to or prior to V1.2.23 that could be exploited by attackers to leak or tamper with the intern...
EUVD-2021-10338
Malware in sbrugna...
GHSA-G4JQ-H2W9-997C Vite middleware may serve files starting with the same name with the public directory
Summary: Files whose names start with the same name as the public directory were served, bypassing the server.fs settings. Impact: Only apps that match the following conditions are affected: - explicitly exposes the Vite dev server to the network using --host or server.host config option - uses the public...
CVE-2022-3421
An attacker can pre-create the /Applications/Google\ Drive.app/Contents/MacOS directory, which is expected to be owned by root, so that it is owned by a non-root user instead. When the Drive for Desktop installer is run for the first time, it will place a binary in that directory with execute permissions and set i...
RHEL 6 : file-roller (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive...
RHEL 5 : file-roller (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive...
OPENSUSE-SU-2024:0093-1 Security update for minidlna
This update for minidlna fixes the following issues: Update to 1.3.3 boo1222007: - Fixed HTTP chunk length parsing. CVE-2023-33476 - Improved Dutch and Swedish translations. - Fixed directory symlink deletion handling...
CVE-2023-33865
RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership...
SUSE CVE-2008-7247
sql/sqltable.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2)...
nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite
The npm package "tar" aka node-tar has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted...
Remote code execution
The npm package "tar" aka node-tar before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achiev...
Arbitrary File Write
file-roller is vulnerable to arbitrary file write. The vulnerability exists through a directory symlink pointing outside of the target directory...