CVE-2026-29203

CVE-2026-29203 affects the cPanel Nova plugin component Cpanel::Nova::Connector. A chmod call follows symlinks, enabling an authenticated cPanel user to set root permissions on arbitrary system files or directories by placing a symlink at a user-controlled legacy Nova path in their home directory...

Weblate: Prefix-Based Repository Boundary Check Bypass via Symlink/Junction Path Prefix Collision

Impact Weblate repository-boundary validation relies on string prefix checks on resolved absolute paths. In multiple code paths, the check uses startswith against the repository root path. This is not path-segment aware and can be bypassed when the external path shares the same string prefix as t...

CVE-2026-31802 node-tar Symlink Path Traversal via Drive-Relative Linkpath

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar npm can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x...

GHSA-923J-VRCG-HXWH malcontent vulnerable to symlink Path Traversal via handleSymlink argument confusion in archive extraction

malcontent could be made to create symlinks outside the intended extraction directory when scanning a specially crafted tar or deb archive. The handleSymlink function received arguments in the wrong order, causing the symlink target to be used as the symlink location. Additionally, symlink target...

EUVD-2026-4137

Backstage has a Possible Symlink Path Traversal in Scaffolder Actions...

GHSA-RQ6Q-WR2Q-7PGP Backstage has a Possible Symlink Path Traversal in Scaffolder Actions

Impact Multiple Scaffolder actions and archive extraction utilities were vulnerable to symlink-based path traversal attacks. An attacker with access to create and execute Scaffolder templates could exploit symlinks to: 1. Read arbitrary files via the debug:log action by creating a symlink pointin...

CVE-2026-24046 Backstage has a Possible Symlink Path Traversal in Scaffolder Actions

Backstage is an open framework for building developer portals. Multiple Scaffolder actions and archive extraction utilities were vulnerable to symlink-based path traversal attacks. An attacker with access to create and execute Scaffolder templates could exploit symlinks to read arbitrary files vi...

CVE-2026-24046

Backstage is an open framework for building developer portals. Multiple Scaffolder actions and archive extraction utilities were vulnerable to symlink-based path traversal attacks. An attacker with access to create and execute Scaffolder templates could exploit symlinks to read arbitrary files vi...

PT-2025-47601

Name of the Vulnerable Software and Affected Versions zx affected versions not specified Description A flaw exists in zx where, when invoked with the --prefer-local option pointing to a specific path, the command-line interface creates a symbolic link named ./node modules to the specified path’s...

EUVD-2019-3854

Malware in sbrugna...

DEBIAN-CVE-2025-48384

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed CRLF. When writing a config entry, values with ...

CVE-2022-36943

SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZIP containing a symlink as the first item...

CVE-2020-10003

An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges...

CVE-2020-3432

A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit th...

RHEL 6 : keepalived (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - keepalived: Heap-based buffer overflow when parsing HTTP status codes allows for denial of service or...

RHEL 5 : samba3x (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Samba: Missing access control check in shadow copy code CVE-2015-5299 - samba: Incorrect ACL get/set...

SUSE CVE-2008-4097

MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed wh...

SUSE CVE-2014-9356

Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an 1 image or 2 build in a Dockerfile...

PT-2023-13513

Name of the Vulnerable Software and Affected Versions SSZipArchive versions 2.5.3 and older Description The issue is related to an arbitrary file write vulnerability due to a lack of sanitization on paths that are symlinks. When SSZipArchive opens a malicious ZIP containing a symlink as the first...

CVE-2022-36943

SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZIP containing a symlink as the first item...