Lucene search
K

28 matches found

Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52539

Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.63.16 Description A scoped, non-admin user with only Create permission can delete arbitrary files outside their assigned scope, including other tenants' data and the application database. This occurs during the...

8.2CVSS6AI score0.00359EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 8:31 p.m.22 views

CVE-2026-52811 Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Repository.UploadRepoFiles checks for symlinks only on the leaf of the upload target osx.IsSymlinktargetPath. The siblings UpdateRepoFile, DeleteRepoFile, and GetDiffPreview use hasSymlinkInPath, which lstats every component —...

9CVSS0.00474EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/23 5:9 p.m.9 views

Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym

Summary Repository.UploadRepoFiles checks for symlinks only on the leaf of the upload target osx.IsSymlinktargetPath. The siblings UpdateRepoFile, DeleteRepoFile, and GetDiffPreview use hasSymlinkInPath, which lstats every component — UploadRepoFiles is the lone outlier. An attacker with repo-wri...

9CVSS6.2AI score0.00474EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/11 5:4 a.m.9 views

CVE-2026-41001 Predictable Temp Directory in Artemis Auto-configuration

Spring Boot's ArtemisEmbeddedConfigurationFactory uses a fixed, static path for the embedded Artemis message broker's data directory when no explicit path is configured. A local attacker on the same host can pre-create this predictable directory or place a symlink before the application starts...

5.3CVSS5.5AI score0.00094EPSS
Exploits0References1
OSV
OSV
added 2026/06/10 2:46 p.m.5 views

OPENSUSE-SU-2026:20942-1 Security update for apptainer

This update for apptainer fixes the following issues: Changes in apptainer: - Update apptainer to version v1.5.1 Security fix bsc1267982: Fix for CVE-2026-48785 / GHSA-cr2j-534f-mf3g. Incorrect path matching for limit container paths directive. This is only applicable to SUID installations that...

5.4AI score
Exploits0References2
CVE
CVE
added 2026/03/23 9:36 p.m.13 views

CVE-2026-28483

OpenClaw before 2026.3.2 is affected by a race condition in ZIP extraction. The vulnerability arises from a gap between path validation and file write operations in src/infra/archive.ts, allowing a local attacker to write files outside the intended extraction root by abusing parent-directory syml...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.6 views

PT-2026-27225

Summary ZIP extraction in OpenClaw could be raced into writing outside the intended destination directory via parent-directory symlink rebind between validation and write. Affected Packages / Versions - Package: openclaw npm - Vulnerable versions: = 2026.3.1 - Latest published vulnerable version...

8.7CVSS5.8AI score
Exploits0References7
NVD
NVD
added 2026/02/03 6:16 p.m.9 views

CVE-2025-69430

An Incorrect Symlink Follow vulnerability exists in multiple Yottamaster NAS devices, including DM2 version equal to or prior to V1.9.12, DM3 version equal to or prior to V1.9.12, and DM200 version equal to or prior to V1.2.23 that could be exploited by attackers to leak or tamper with the intern...

6.1CVSS0.00281EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.7 views

PT-2026-5971

An Incorrect Symlink Follow vulnerability exists in multiple Yottamaster NAS devices, including DM2 version equal to or prior to V1.9.12, DM3 version equal to or prior to V1.9.12, and DM200 version equal to or prior to V1.2.23 that could be exploited by attackers to leak or tamper with the intern...

6.1CVSS5.5AI score0.00281EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-10338

Malware in sbrugna...

2.5CVSS6.2AI score0.01029EPSS
Exploits1References14
OSV
OSV
added 2025/09/09 8:55 p.m.5 views

GHSA-G4JQ-H2W9-997C Vite middleware may serve files starting with the same name with the public directory

Summary Files starting with the same name with the public directory were served bypassing the server.fs settings. Impact Only apps that match the following conditions are affected: - explicitly exposes the Vite dev server to the network using --host or server.host config option - uses the public...

2.3CVSS6.6AI score0.0118EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/05/22 11:4 p.m.10 views

CVE-2022-3421

An attacker can pre-create the /Applications/Google\ Drive.app/Contents/MacOS directory which is expected to be owned by root to be owned by a non-root user. When the Drive for Desktop installer is run for the first time, it will place a binary in that directory with execute permissions and set i...

7.3CVSS7AI score0.00098EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.33 views

RHEL 6 : file-roller (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive...

5AI score0.02132EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.29 views

RHEL 5 : file-roller (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive...

4.8AI score0.02132EPSS
Exploits1References2
OSV
OSV
added 2024/03/28 8:11 p.m.7 views

OPENSUSE-SU-2024:0093-1 Security update for minidlna

This update for minidlna fixes the following issues: Update to 1.3.3 boo1222007: - Fixed HTTP chunk length parsing. CVE-2023-33476 - Improved Dutch and Swedish translations. - Fixed directory symlink deletion handling...

9.8CVSS6.7AI score0.02061EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2023/06/07 8:15 p.m.24 views

CVE-2023-33865

RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership...

7.8CVSS7.3AI score0.00891EPSS
Exploits3References9
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.4 views

SUSE CVE-2008-7247

sql/sqltable.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a 1 DATA DIRECTORY or 2...

6CVSS6.7AI score0.01768EPSS
Exploits3References9
RedHat Linux
RedHat Linux
added 2021/09/22 8:55 a.m.8 views

nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite

The npm package "tar" aka node-tar has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted...

8.2CVSS7.4AI score0.07795EPSS
Exploits0References5
Prion
Prion
added 2021/08/31 5:15 p.m.33 views

Remote code execution

The npm package "tar" aka node-tar before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achiev...

4.4CVSS9.4AI score0.0185EPSS
Exploits0References6Affected Software4
Veracode
Veracode
added 2020/11/05 3:9 a.m.17 views

Arbitrary File Write

file-roller is vulnerable to arbitrary file write. The vulnerability exists through a directory symlink pointing outside of the target directory...

3.9CVSS3.2AI score0.00768EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder