
47 matches found

EUVD
added yesterday, 4 views

EUVD-2026-41624

Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write through symlinked or otherwise non-regular paths...

5.9 AI score
Exploits: 0, References: 4
NVD
added 3 days ago, 9 views

CVE-2026-53489

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2 CVSS, 0.00208 EPSS
Exploits: 0, References: 1
CVE
added 3 days ago, 28 views

CVE-2026-53489

CVE-2026-53489 affects containerd CRI: when checkpoint restore occurs, the CRI plugin may read a host file by following a symlink for container.log. Vulnerable versions are prior to 2.3.2, 2.2.5 and 2.1.9. Impact described as arbitrary host file read via kubectl logs, with LOCAL attack potential ...

8.2 CVSS, 5.9 AI score, 0.00208 EPSS
Exploits: 0, References: 1, Affected Software: 1
Debian CVE
added 3 days ago, 7 views

CVE-2026-53489

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2 CVSS, 5.9 AI score, 0.00208 EPSS
Exploits: 0
Cvelist
added 2026/06/26 4:47 p.m., 35 views

CVE-2026-54557 mise HTTP backend uses raw version path for install symlink destination

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.1, the mise HTTP backend builds its install symlink destination from the raw resolved version string for non-latest versions. Normal tool install paths use the sanitized version pathname, but the HTTP backend's symlin...

5.5 CVSS, 0.00175 EPSS
Exploits: 0, References: 1
CVE
added 2026/05/08 6:51 p.m., 19 views

CVE-2026-29203

CVE-2026-29203 affects the cPanel Nova plugin component Cpanel::Nova::Connector. A chmod call follows symlinks, enabling an authenticated cPanel user to set root permissions on arbitrary system files or directories by placing a symlink at a user-controlled legacy Nova path in their home directory...

8.8 CVSS, 5.9 AI score, 0.00493 EPSS
Exploits: 0, References: 1
Github Security Blog
added 2026/04/16 9:8 p.m., 8 views

Weblate: Prefix-Based Repository Boundary Check Bypass via Symlink/Junction Path Prefix Collision

Impact: Weblate repository-boundary validation relies on string prefix checks on resolved absolute paths. In multiple code paths, the check uses startswith against the repository root path. This is not path-segment aware and can be bypassed when the external path shares the same string prefix as t...

5 CVSS, 5.8 AI score, 0.00324 EPSS
Exploits: 0, References: 5, Affected Software: 1
Cvelist
added 2026/03/09 9:11 p.m., 42 views

CVE-2026-31802 node-tar Symlink Path Traversal via Drive-Relative Linkpath

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar npm can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x...

8.2 CVSS, 0.00253 EPSS
Exploits: 4, References: 2
OSV
added 2026/01/29 10:5 p.m., 4 views

GHSA-923J-VRCG-HXWH malcontent vulnerable to symlink Path Traversal via handleSymlink argument confusion in archive extraction

malcontent could be made to create symlinks outside the intended extraction directory when scanning a specially crafted tar or deb archive. The handleSymlink function received arguments in the wrong order, causing the symlink target to be used as the symlink location. Additionally, symlink target...

5.5 CVSS, 5.8 AI score, 0.00167 EPSS
Exploits: 0, References: 5
EUVD
added 2026/01/21 10:36 p.m., 4 views

EUVD-2026-4137

Backstage has a Possible Symlink Path Traversal in Scaffolder Actions...

7.1 CVSS, 5.3 AI score, 0.00478 EPSS
Exploits: 0, References: 4
OSV
added 2026/01/21 10:36 p.m., 6 views

GHSA-RQ6Q-WR2Q-7PGP Backstage has a Possible Symlink Path Traversal in Scaffolder Actions

Impact: Multiple Scaffolder actions and archive extraction utilities were vulnerable to symlink-based path traversal attacks. An attacker with access to create and execute Scaffolder templates could exploit symlinks to: 1. Read arbitrary files via the debug:log action by creating a symlink pointin...

7.1 CVSS, 5.9 AI score, 0.00478 EPSS
Exploits: 0, References: 4
ATTACKERKB
added 2026/01/21 10:36 p.m., 5 views

CVE-2026-24046

Backstage is an open framework for building developer portals. Multiple Scaffolder actions and archive extraction utilities were vulnerable to symlink-based path traversal attacks. An attacker with access to create and execute Scaffolder templates could exploit symlinks to read arbitrary files vi...

7.1 CVSS, 5.7 AI score, 0.00478 EPSS
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2026/01/21 10:36 p.m., 19 views

CVE-2026-24046 Backstage has a Possible Symlink Path Traversal in Scaffolder Actions

Backstage is an open framework for building developer portals. Multiple Scaffolder actions and archive extraction utilities were vulnerable to symlink-based path traversal attacks. An attacker with access to create and execute Scaffolder templates could exploit symlinks to read arbitrary files vi...

7.1 CVSS, 0.00478 EPSS
Exploits: 0, References: 2
Positive Technologies
added 2025/11/20 12:0 a.m., 6 views

PT-2025-47601

Name of the Vulnerable Software and Affected Versions: zx (affected versions not specified). Description: A flaw exists in zx where, when invoked with the --prefer-local option pointing to a specific path, the command-line interface creates a symbolic link named ./node_modules to the specified path’s...

8.3 CVSS, 6.4 AI score, 0.0008 EPSS
Exploits: 0, References: 5
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2019-3854

Malware in sbrugna...

7.5 CVSS, 7.7 AI score, 0.02885 EPSS
Exploits: 1, References: 10
OSV
added 2025/07/08 7:15 p.m., 1 view

DEBIAN-CVE-2025-48384

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with ...

8 CVSS, 7.3 AI score, 0.02775 EPSS
Exploits: 9, References: 1
RedhatCVE
added 2025/05/22 11:9 p.m., 7 views

CVE-2022-36943

SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZIP containing a symlink as the first item...

8.1 CVSS, 6.9 AI score, 0.00805 EPSS
Exploits: 1
RedhatCVE
added 2025/05/22 3:47 p.m., 8 views

CVE-2020-10003

An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges...

7.8 CVSS, 5.4 AI score, 0.0039 EPSS
Exploits: 0, References: 1
OSV
added 2025/02/12 12:15 a.m., 6 views

CVE-2020-3432

A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit th...

5.6 CVSS, 5.8 AI score, 0.00222 EPSS
Exploits: 0, References: 1
Tenable Nessus
added 2024/06/03 12:0 a.m., 22 views

RHEL 6 : keepalived (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - keepalived: Heap-based buffer overflow when parsing HTTP status codes allows for denial of service or...

9.8 CVSS, 8.8 AI score, 0.03746 EPSS
Exploits: 1, References: 2