Lucene search
K

5 matches found

OSV
OSV
added 2026/06/10 8:32 p.m.5 views

GHSA-GHQ2-5C67-FPRM PDM: Project-Local State and Config Writes Follow Symlinks

Summary PDM writes several project-local state or configuration files without symlink protection. If a malicious repository places those files as symlinks, local PDM operations can overwrite the symlink targets. This creates an arbitrary file clobber primitive relative to the privileges of the...

6.8CVSS5.9AI score0.00024EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.12 views

PT-2026-48600

Name of the Vulnerable Software and Affected Versions PDM versions prior to 2.28.0-1.1 Description PDM writes project-local state and configuration files without symlink protection, allowing a malicious repository to use symlinks to overwrite files outside the repository root. This creates an...

6.8CVSS6AI score0.00024EPSS
Exploits0References12
Packet Storm
Packet Storm
added 2013/06/19 12:0 a.m.25 views

Solaris 10 Patch Cluster File Clobber

File clobbering vulnerability in Solaris 10 patch cluster 3/27/2013 Larry W. Cashdollar @larry0 Hello, The 147147-26 patch creates a CLEANUP file in /tmp that is vulnerable to symlink attacks: The contents of the file created in /tmp are: /sbin/sh:root@dev-unix-sec02 cat CLEANUP...

7.4AI score
Exploits0
0day.today
0day.today
added 2013/06/19 12:0 a.m.23 views

Solaris 10 Patch Cluster File Clobber

Solaris 10 patch cluster suffers from a file clobber vulnerability in /tmp. File clobbering vulnerability in Solaris 10 patch cluster 3/27/2013 Larry W. Cashdollar @larry0 Hello, The 147147-26 patch creates a CLEANUP file in /tmp that is vulnerable to symlink attacks: The contents of the file...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2013/02/05 12:0 a.m.17 views

Oracle Auto Service Request File Clobber

Oracle Auto Service Request software package creates files insecurely in /tmp using time stamps instead of mkstemp. You can clobber root owned files if you know when around the time the root administrator will be using this utility. larry@oracle-os-lab01 tmp$ for x in seq 500 999; do ln -s...

0.6AI score
Exploits0
Rows per page
Query Builder