624 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-45339
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a...
Linux Distros Unpatched Vulnerability : CVE-2018-1063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an...
CVE-2025-25330
Technical details are not publicly available in the provided documents. No specifics on affected components, root cause, or exploitability are disclosed. Monitor for updates from official sources.
Dell SupportAssist OS Recovery Symbolic Link Attack (DSA-2025-051)
According to its self-reported version number, the version of Dell SupportAssist OS Recovery is affected by a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary file deletion and Elevation of Privilege...
Dell SupportAssist OS Recovery Symbolic Link Attack Vulnerability
Dell SupportAssist OS Recovery is a built-in recovery tool for Dell computers, which is mainly used to solve system problems or hardware failures. Dell SupportAssist OS Recovery suffers from a symbolic link attack vulnerability that can be exploited by attackers to cause arbitrary file deletion a...
[SECURITY] [DLA 4056-1] golang-glog security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4056-1 [email protected] https://www.debian.org/lts/security/ Andrej Shadura February 17, 2025 https://wiki.debian.org/LTS -...
CVE-2025-22480
Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary file deletion and Elevation of Privileges...
CVE-2025-22480
Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary file deletion and Elevation of Privileges...
CVE-2025-22480
Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary file deletion and Elevation of Privileges...
CVE-2025-22480
Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary file deletion and Elevation of Privileges...
CVE-2025-22480
Dell SupportAssist OS Recovery (CVE-2025-22480) is affected in versions prior to 5.5.13.1 due to a symbolic link attack that a local, low-privilege attacker could exploit to delete arbitrary files and achieve Elevation of Privileges. Affected software is Dell SupportAssist OS Recovery. Root cause...
Dell SupportAssist OS Recovery 安全漏洞
Dell SupportAssist OS Recovery is a built-in recovery tool for Dell computers, which is mainly used to solve system problems or hardware failures. Dell SupportAssist OS Recovery suffers from a symbolic link attack vulnerability that can be exploited by attackers to cause arbitrary file deletion a...
Symbolic Link Attack
github.com/golang/glog is vulnerable to symbolic link attack. The vulnerability is due to improper log file handling, which allows logs to be written to a widely-writable directory and also allows an attacker to pre-create a symlink to a sensitive file, which a privileged process may then overwri...
CVE-2024-45339
A flaw was found in glog, a logging library. This vulnerability allows an unprivileged attacker to overwrite sensitive files via a symbolic link planted in a widely writable directory, exploiting the log file path predictability. Mitigation Mitigation for this issue is either not available or the...
CVE-2024-45339
When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...
CVE-2024-45339 Vulnerability when creating log files in github.com/golang/glog
When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...
GO-2025-3372 Vulnerability when creating log files in github.com/golang/glog
When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...
CVE-2024-56953
An issue in Baidu China Co Ltd Baidu Input Method iOS version v12.6.13 allows attackers to access user information via supplying a crafted link...
CVE-2024-7234
AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...
RHEL 7 : instack-undercloud (RHSA-2017:2726)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2017:2726 advisory. instack-undercloud provides a collection of scripts and elements that can be used to install an OpenStack undercloud using python-instack. The...