
8 matches found

Vulnrichment
added 2026/01/20 8:41 p.m., 5 views

CVE-2025-55130

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

CVSS 7.1, AI score 5.8, EPSS 0.00016
Exploits: 2, References: 1
Hacker One
added 2025/11/09 4:08 p.m., 6 views

Node.js: FS Permissions Bypass

A flaw was discovered in Node.js's Permissions model that allowed attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory could escape the allowed path a...

CVSS 9.1, AI score 5.7, EPSS 0.00016
Exploits: 2
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2019-16238

Malware in sbrugna...

CVSS 3.6, AI score 4.5, EPSS 0.00094
Exploits: 0, References: 2
Tenable Nessus
added 2019/12/31 12:00 a.m., 26 views

F5 Networks BIG-IP : SCP vulnerability (K54336216)

The system does not properly enforce the access controls for the scp.whitelist and scp.blacklist files when paths are symbolic links (symlinks). This allows authenticated users with Secure Copy (SCP) protocol access to overwrite certain configuration files that would otherwise be restricted...

CVSS 3.6, AI score 5, EPSS 0.00094
Exploits: 0, References: 2
OSV
added 2019/12/23 6:15 p.m., 2 views

CVE-2019-6679

On BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1, 13.1.1.5-13.1.3.1, 12.1.4.1-12.1.5, 11.6.4-11.6.5, and 11.5.9-11.5.10, the access controls implemented by scp.whitelist and scp.blacklist are not properly enforced for paths that are symlinks. This allows authenticated users wi...

CVSS 3.3, AI score 5.8
Exploits: 0, References: 1
Prion
added 2019/12/23 6:15 p.m., 19 views

Design/Logic Flaw

On BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1, 13.1.1.5-13.1.3.1, 12.1.4.1-12.1.5, 11.6.4-11.6.5, and 11.5.9-11.5.10, the access controls implemented by scp.whitelist and scp.blacklist are not properly enforced for paths that are symlinks. This allows authenticated users wi...

CVSS 3.6, AI score 4, EPSS 0.00094
Exploits: 0, References: 1, Affected Software: 13
OSV
added 2016/03/10 11:37 p.m., 6 views

MGASA-2016-0106 Updated samba packages fix security vulnerability

Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink paths. A remote attacker could use this issue to overwrite the ownership of ACLs using symlinks (CVE-2015-7560)...

CVSS 6.5, AI score 6.4, EPSS 0.03995
Exploits: 0, References: 4
Tenable Nessus
added 2016/03/09 12:00 a.m., 27 views

Ubuntu 14.04 LTS : Samba vulnerabilities (USN-2922-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2922-1 advisory. Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink paths. A remote attacker could use this issue to overwrite the ownership of ACLs...

CVSS 6.5, AI score 6.7, EPSS 0.11126
Exploits: 0, References: 5