SUSE CVE-2007-3007

PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...

SUSE CVE-2009-1143

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs aka hgfsmounter...

SUSE CVE-2018-11236

stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution...

SUSE CVE-2018-14338

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms other than Apple platforms where glibc is not used, possibly leading to a buffer overflow...

SUSE CVE-2018-14939

The getapppath function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impac...

SUSE CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

SUSE CVE-2020-8252

The implementation of realpath in libuv 10.22.1, 12.18.4, and 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes...

SUSE CVE-2021-3998

A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...

CVE-2009-1143

A vulnerability was found in open-vm-tools. This flaw allows local users to bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs aka hgfsmounter...

PT-2022-9024 · Simbco · Httpster

Name of the Vulnerable Software and Affected Versions: SimbCo httpster affected versions not specified Description: A critical vulnerability was found in SimbCo httpster, affecting the fs.realpathSync function of the file src/server.coffee. The manipulation leads to path traversal. The exploit ha...

DEBIAN-CVE-2009-1143

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs aka hgfsmounter...

CVE-2009-1143

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs aka hgfsmounter...

UBUNTU-CVE-2009-1143

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs aka hgfsmounter...

CVE-2009-1143

CVE-2009-1143 : Open-vm-tools 2009.03.18-154848 contains a realpath race condition in mount.vmhgfs (hgfsmounter) that allows local users to bypass mounting-share access restrictions via a symlink attack. The context indicates a local-privilege-like risk with high impact to confidentiality, integr...

A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value potentially leading to information leakage and disclosure of sensitive data.

...

CVE-2021-3998

A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...

DEBIAN-CVE-2021-3998

A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...

AZL-10675 CVE-2021-3998 affecting package glibc for versions less than 2.35-7

A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...

CVE-2021-3998

A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...

Design/Logic Flaw

A flaw was found in glibc. The realpath function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data...