29 matches found

Positive Technologies
added 2026/05/08 12:0 a.m. | 11 views

PT-2026-39145

Name of the Vulnerable Software and Affected Versions: Akamai Guardicore Platform Agent versions 7.0 through 7.3.1; Akamai Zero Trust Client versions 6.0 through 6.1.5; Akamai Guardicore Platform Agent affected versions not specified. Description: Local privilege escalation is possible on Linux and...

CVSS 7.4 | AI score 5.9 | EPSS 0.00325
Exploits: 0 | References: 6

CVE
added 2026/05/08 12:0 a.m. | 16 views

CVE-2026-34354

CVE-2026-34354 affects Akamai Guardicore Platform Agent (GPA) on Linux/macOS and Akamai Zero Trust Client, versions 7.0–7.3.1 and 6.0–6.1.5 respectively. The vulnerability is TOCTOU-based local privilege escalation caused by the GPA service creating a world-writable IPC socket in /tmp and accepti...

CVSS 7.4 | AI score 6 | EPSS 0.00325
Exploits: 0 | References: 1

Cvelist
added 2026/05/08 12:0 a.m. | 29 views

CVE-2026-34354

Akamai Guardicore Platform Agent (GPA) and Zero Trust Client on Linux and macOS allow TOCTOU-based local privilege escalation. The GPA service creates an IPC socket in the world-writable /tmp directory. It accepts unauthenticated IPC control messages. This enables a TOCTOU vulnerability in the...

CVSS 7.4 | EPSS 0.00325
Exploits: 0 | References: 1

Tenable Nessus
added 2026/04/28 12:0 a.m. | 4 views

Juniper Junos OS Multiple Vulnerabilities (JSA88135)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA88135 advisory. - NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer...

CVSS 9.8 | AI score 7.8 | EPSS 0.99999
Exploits: 46 | References: 15

Tenable Nessus
added 2025/11/20 12:0 a.m. | 8 views

TencentOS Server 4: clamav (TSSA-2025:0012)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0012 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 7.5 | AI score 6.3 | EPSS 0.00555
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 9 views

EUVD-2019-16851

Malware in sbrugna...

CVSS 7 | AI score 6.4 | EPSS 0.00314
Exploits: 1 | References: 6

Tenable Nessus
added 2025/08/27 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-20506

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the ClamD service module of Clam AntiVirus ClamAV versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all...

CVSS 6.1 | AI score 6.1 | EPSS 0.00318
Exploits: 0 | References: 2

NVD
added 2025/07/08 10:15 p.m. | 5 views

CVE-2025-53547

Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when...

CVSS 8.6 | EPSS 0.00363
Exploits: 1 | References: 3

RedhatCVE
added 2025/05/22 4:12 p.m. | 7 views

CVE-2020-25031

checkinstall 1.6.2, when used to create a package that contains a symlink, may trigger the creation of a mode 0777 executable file...

CVSS 7.8 | AI score 6.7 | EPSS 0.00544
Exploits: 1

Cvelist
added 2025/01/22 5:34 p.m. | 19 views

CVE-2025-0651 File symlink abuse might lead to deleting files belonging to SYSTEM user

Improper Privilege Management vulnerability in Cloudflare WARP on Windows allows File Manipulation. A user with low system privileges can create a set of symlinks inside the C:\ProgramData\Cloudflare\warp-diag-partials folder. After triggering the "Reset all settings" option the WARP service will...

CVSS 6.1 | EPSS 0.00294
Exploits: 0 | References: 1

Amazon
added 2024/10/14 12:0 a.m. | 7 views

Medium: clamav

Issue Overview: A vulnerability in the PDF parsing module of Clam AntiVirus ClamAV versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacke...

CVSS 7.5 | AI score 6.7 | EPSS 0.00555
Exploits: 0

OSV
added 2024/09/14 11:9 a.m. | 5 views

OESA-2024-2132 clamav security update

Clam AntiVirus (clamav) is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command lin...

CVSS 7.5 | AI score 6.8 | EPSS 0.00555
Exploits: 0 | References: 3

OSV
added 2024/09/04 10:15 p.m. | 7 views

DEBIAN-CVE-2024-20506

A vulnerability in the ClamD service module of Clam AntiVirus ClamAV versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt...

CVSS 6.1 | AI score 6.1 | EPSS 0.00318
Exploits: 0 | References: 1

OSV
added 2024/09/04 10:15 p.m. | 5 views

AZL-48665 CVE-2024-20506 affecting package clamav for versions less than 1.0.7-1

A vulnerability in the ClamD service module of Clam AntiVirus ClamAV versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt...

CVSS 6.1 | AI score 5.7 | EPSS 0.00318
Exploits: 0 | References: 1

SUSE CVE
added 2023/02/15 6:13 a.m. | 1 views

SUSE CVE-2007-0472

Multiple race conditions in Smb4K before 0.8.0 allow local users to (1) modify arbitrary files via unspecified manipulations of Smb4K's lock file, which is not properly handled by the removelockfile function in core/smb4kfileio.cpp, and (2) add lines to the sudoers file via a symlink attack on...

CVSS 3.7 | AI score 6.6 | EPSS 0.00341
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 5:38 a.m. | 3 views

SUSE CVE-2013-2217

cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/...

CVSS 1.2 | AI score 6.9 | EPSS 0.00558
Exploits: 0 | References: 7

SUSE CVE
added 2023/02/15 4:55 a.m. | 5 views

SUSE CVE-2016-9566

base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565...

CVSS 7.3 | AI score 9.2 | EPSS 0.04885
Exploits: 9 | References: 6

Debian CVE
added 2021/01/12 8:17 a.m. | 43 views

CVE-2021-23240

selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not...

CVSS 7.8 | AI score 8.1 | EPSS 0.01066
Exploits: 1

OSV
added 2017/06/08 4:29 p.m. | 3 views

DEBIAN-CVE-2017-8108

Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file...

CVSS 7.8 | AI score 7.3 | EPSS 0.00426
Exploits: 0 | References: 1

Prion
added 2015/05/18 3:59 p.m. | 23 views

Design/Logic Flaw

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container...

CVSS 7.2 | AI score 6.7 | EPSS 0.00603
Exploits: 0 | References: 5 | Affected Software: 2