Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : libarchive-3.3.3-3.el8 (AXSA:2022-3102:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3102:01 advisory. libarchive: extracting a symlink with ACLs modifies ACLs of target CVE-2021-23177 libarchive: symbolic links incorrectly followed when changing mode...

7.8CVSS8.5AI score0.00367EPSS
Exploits0References3
Snyk
Snyk
added 2025/10/14 5:45 p.m.1 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper handling of symbolic links before file access. An attacker can gain elevated privileges by exploiting the way the system resolves links, potentially accessing or modifying files with higher permissions...

7.3CVSS9.3AI score0.00564EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/09/26 12:0 a.m.4 views

The vulnerability of the DSA service in the Intel Driver & Support Assistant software, related to incorrect handling of the link before accessing the file, allows an attacker to escalate their privileges within the system.

The vulnerability of the DSA service in the Intel Driver & Support Assistant software for updating drivers is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow an attacker to increase their privileges within the system using a...

7.8CVSS7.2AI score0.00313EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/10/12 12:0 a.m.6 views

The vulnerability of the file-sharing software for disconnected desktops, Warpinator, arises from an improper definition of the link before accessing files. This allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the file-sharing software between remote desktops in Warpinator relates to the improper handling of links before accessing files. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

7.8CVSS7.2AI score0.01238EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/25 12:0 a.m.5 views

The vulnerability of the `program_after_update` function in the Trend Micro Antivirus protection tool allows attackers to enhance their privileges.

The vulnerability of the programafterupdate function in the Trend Micro Antivirus protection tool is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.2AI score0.0043EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2022/01/05 12:0 a.m.3 views

Shopware 输入验证错误漏洞

Shopware is a set of open source e-commerce software from the German company Shopware. shopware has an open redirect vulnerability in versions prior to 5.7.7, which stems from incomplete URL handling in shopware routing and can be exploited by attackers to redirect users to arbitrary websites...

6.8CVSS5.8AI score0.00774EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/06/18 12:0 a.m.3 views

The vulnerability of Trend Micro Deep Security Agent lies in its improper handling of links before accessing a file. This allows attackers to delete any files they desire.

The vulnerability of the Trend Micro Deep Security Agent lies in the improper handling of links before accessing a file. Exploiting this vulnerability could allow an attacker to delete any files they desire...

7.1CVSS7AI score0.01311EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder