CWE:
 

| Risk | Title | Date | Author |
|------|-------|------|--------|
| Med. | Leeloo Multipath Authorization Bypass / Symlink Attack | 02.11.2022 | Qualys Security Adviso... |
| Med. | Linux systemd Symlink Dereference Via chown_one() | 27.10.2018 | Jann Horn |
| High | MS13-097 Registry Symlink IE Sandbox Escape | 27.06.2014 | Juan vazquez |
| Med. | systemd create or overwrite arbitrary files | 21.04.2014 | Sebastian Krahmer |
| Med. | Solaris 10 Patch Cluster Symlink Attack | 09.08.2012 | Larry W. Cashdollar |
| Low | Medium severity flaw in QNX Neutrino RTOS | 23.10.2011 | Tim Brown |
| Low | Linux kernel: ZERO_SIZE_PTR dereference for long symlinks in Be FS | 01.09.2011 | Timo Warns |
| Med. | FreeBSD crontab information leakage | 07.03.2011 | Dan Rosenberg |
| Med. | The GNU C library dynamic linker expands $ORIGIN in setuid library search path | 11.01.2011 | taviso |
| Low | emesene preditable 1.6.1 temporary filename | 12.06.2010 | Emilio Pozuelo Monfort |
| Low | Mathematica on Linux /tmp/MathLink vulnerability | 27.05.2010 | paul szabo |
| Med. | Solaris Update manager and Sun Patch Cluster - Symlink attack | 01.04.2010 | DHS |
| Med. | Deliver 2.1.14 Multiple vulnerabilities | 30.03.2010 | Dan Rosenberg |
| Med. | fcrontab 3.0.4 Information Disclosure Vulnerability | 09.03.2010 | Dan Rosenberg |
| Med. | Oscailt 3.3 CMS Local File Inclusion | 02.01.2010 | s4r4d0 |
| Med. | VideoCache 1.9.2 vccleaner root vulnerability | 30.12.2009 | Dominick LaTrappe |
| Med. | MySQL - 5.1.41 Multiple Vulnerabalities | 03.12.2009 | Jan Lieskovsky |
| Med. | Enomaly ECP/Enomalism: Insecure temporary file creation vulnerabilities | 05.02.2009 | Sam Johnston |
| Med. | ViArt Shopping Cart v3.5 Multiple Remote Vulnerabilities | 31.12.2008 | XiaShing_at_gmail.com |
| High | verlihub <= 0.9.8d-RC2 Remote Command Execution Vulnerability | 23.12.2008 | v4lkyrius |
| High | /bin/login gives root to group utmp | 02.12.2008 | Paul Szabo |
| High | python-2.3.4-5 Symbolic link attack possibility | 19.09.2008 | Jan iankko Lieskovsky |
| Med. | Nooms 1.1 | 11.09.2008 | irancrash |


Common Weakness Enumeration (CWE)

CVE
Details
Description
2024-10-11
Waiting for details
CVE-2024-45316

The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to a local privilege escalation attack.

 
Waiting for details
CVE-2024-45315

The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to create arbitrary folders and files, potentially leading to a local Denial of Service (DoS) attack.

 
2024-10-08
Waiting for details
CVE-2024-43603

Visual Studio Collector Service Denial of Service Vulnerability

 
Waiting for details
CVE-2024-38097

Azure Monitor Agent Elevation of Privilege Vulnerability

 
Waiting for details
CVE-2024-38262

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

 
Waiting for details
CVE-2024-43501

Windows Common Log File System Driver Elevation of Privilege Vulnerability

 
Waiting for details
CVE-2024-43551

Windows Storage Elevation of Privilege Vulnerability

 
Waiting for details
CVE-2024-43563

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

 
2024-10-01
Waiting for details
CVE-2024-9341

A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.

 
2024-09-19
Waiting for details
CVE-2024-45770

A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges.

 

 


Copyright 2024, cxsecurity.com

 
