Total
1131 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18925 | 1 Openr | 1 Opentmpfiles | 2020-10-30 | 2.1 LOW | 5.5 MEDIUM |
| opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack. | |||||
| CVE-2019-8452 | 1 Checkpoint | 2 Endpoint Security, Zonealarm | 2020-10-22 | 4.6 MEDIUM | 7.8 HIGH |
| A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file. | |||||
| CVE-2019-8455 | 1 Checkpoint | 1 Zonealarm | 2020-10-22 | 3.6 LOW | 7.1 HIGH |
| A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file. | |||||
| CVE-2019-5438 | 1 Harpjs | 1 Harp | 2020-10-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| Path traversal using symlink in npm harp module versions <= 0.29.0. | |||||
| CVE-2019-18575 | 1 Dell | 1 Command\|configure | 2020-10-16 | 6.6 MEDIUM | 7.1 HIGH |
| Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system. | |||||
| CVE-2013-4116 | 1 Node Packaged Modules Project | 1 Node Packaged Modules | 2020-10-14 | 3.3 LOW | N/A |
| lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives. | |||||
| CVE-2019-1836 | 1 Cisco | 3 Nexus 9300, Nexus 9500, Nx-os | 2020-10-13 | 6.6 MEDIUM | 7.1 HIGH |
| A vulnerability in the system shell for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to use symbolic links to overwrite system files. These system files may be sensitive and should not be overwritable by non-root users. The attacker would need valid device credentials. The vulnerability is due to incorrect symbolic link verification of directory paths when they are used in the system shell. An attacker could exploit this vulnerability by authenticating to the device and providing crafted user input to specific symbolic link CLI commands. Successful exploitation could allow the attacker to overwrite system files that should be restricted. This vulnerability has been fixed in software version 14.1(1i). | |||||
| CVE-2001-0131 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2020-10-09 | 3.3 LOW | N/A |
| htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2020-17365 | 1 Pango | 1 Hotspot Shield | 2020-10-09 | 7.2 HIGH | 7.8 HIGH |
| Improper directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and earlier may allow an authorized user to potentially enable escalation of privilege via local access. The vulnerability allows a local user to corrupt system files: a local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application. | |||||
| CVE-2020-12254 | 1 Avira | 1 Antivirus | 2020-10-06 | 4.6 MEDIUM | 7.8 HIGH |
| Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink. | |||||
| CVE-2019-10152 | 2 Libpod Project, Opensuse | 2 Libpod, Leap | 2020-09-30 | 2.6 LOW | 7.2 HIGH |
| A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container. | |||||
| CVE-2020-25289 | 1 Avast | 1 Secureline Vpn | 2020-09-17 | 2.1 LOW | 5.5 MEDIUM |
| The VPN service in AVAST SecureLine before 5.6.4982.470 allows local users to write to arbitrary files via an Object Manager symbolic link from the log directory (which has weak permissions). | |||||
| CVE-2014-1420 | 1 Canonical | 1 Ubuntu-ui-toolkit | 2020-09-16 | 2.1 LOW | 3.3 LOW |
| On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker could use to expose potentially sensitive data. StateSaver would also open files without the O_EXCL flag. An attacker could exploit this to launch a symlink attack, though this is partially mitigated by symlink and hardlink restrictions in Ubuntu. Fixed in 1.1.1188+14.10.20140813.4-0ubuntu1. | |||||
| CVE-2020-25031 | 1 Canonical | 1 Checkinstall | 2020-09-04 | 7.2 HIGH | 7.8 HIGH |
| checkinstall 1.6.2, when used to create a package that contains a symlink, may trigger the creation of a mode 0777 executable file. | |||||
| CVE-2018-11637 | 1 Dialogic | 1 Powermedia Xms | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Information leakage vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to read arbitrary files from the /var/ directory because a symlink exists under the web root. | |||||
| CVE-2019-1385 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 6.1 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-1280 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'. | |||||
| CVE-2018-1000073 | 1 Rubygems | 1 Rubygems | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in install_location function of package.rb that can result in path traversal when writing to a symlinked basedir outside of the root. This vulnerability appears to have been fixed in 2.7.6. | |||||
| CVE-2019-1069 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations, aka 'Task Scheduler Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-0086 | 1 Intel | 2 Converged Security Management Engine Firmware, Trusted Execution Engine Firmware | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access. | |||||