275 matches found
SUSE CVE-2020-8252
The implementation of realpath in libuv 10.22.1, 12.18.4, and 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes...
SUSE CVE-2021-3998
A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...
CVE-2009-1143
A vulnerability was found in open-vm-tools. This flaw allows local users to bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs aka hgfsmounter...
PT-2022-9024 · Simbco · Httpster
Name of the Vulnerable Software and Affected Versions: SimbCo httpster affected versions not specified Description: A critical vulnerability was found in SimbCo httpster, affecting the fs.realpathSync function of the file src/server.coffee. The manipulation leads to path traversal. The exploit ha...
DEBIAN-CVE-2009-1143
An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs aka hgfsmounter...
UBUNTU-CVE-2009-1143
An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs aka hgfsmounter...
CVE-2009-1143
An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs aka hgfsmounter...
CVE-2009-1143
CVE-2009-1143 : Open-vm-tools 2009.03.18-154848 contains a realpath race condition in mount.vmhgfs (hgfsmounter) that allows local users to bypass mounting-share access restrictions via a symlink attack. The context indicates a local-privilege-like risk with high impact to confidentiality, integr...
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value potentially leading to information leakage and disclosure of sensitive data.
...
AZL-10675 CVE-2021-3998 affecting package glibc for versions less than 2.35-7
A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...
DEBIAN-CVE-2021-3998
A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...
CVE-2021-3998
A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...
CVE-2021-3998
A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...
Design/Logic Flaw
A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...
CVE-2021-3998
A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...
CVE-2021-3998
CVE-2021-3998 is a glibc flaw where the realpath() function may return an unexpected value, potentially leaking sensitive information. The connected IBM/enterprise bulletins summarize the vulnerability as an information disclosure issue tied to the realpath() implementation, indicating a local-au...
CVE-2021-3998
A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...
CVE-2021-3998
A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...
USN-5310-1 glibc vulnerabilities
Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS...
UBUNTU-CVE-2021-3998
A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...