Vulnerabilities (CVE)

Filtered by CWE-59
Total 1013 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-4184 2 Data\, Debian 2 \, Debian Linux 2024-03-28 3.6 LOW 5.5 MEDIUM
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
CVE-2021-31566 5 Debian, Fedoraproject, Libarchive and 2 more 14 Debian Linux, Fedora, Libarchive and 11 more 2024-03-27 N/A 7.8 HIGH
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.
CVE-2023-41969 2024-03-26 N/A 7.3 HIGH
An arbitrary file deletion in ZSATrayManager where it protects the temporary encrypted ZApp issue reporting file from the unprivileged end user access and modification. Fixed version: Win ZApp 4.3.0 and later.
CVE-2023-7216 2 Gnu, Redhat 2 Cpio, Enterprise Linux 2024-03-26 N/A 5.3 MEDIUM
A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, this allows writing files in arbitrary directories through symlinks.
CVE-2024-29188 2024-03-25 N/A 7.9 HIGH
WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. The custom action behind WiX's `RemoveFolderEx` functionality could allow a standard user to delete protected directories. `RemoveFolderEx` deletes an entire directory tree during installation or uninstallation. It does so by recursing every subdirectory starting at a specified directory and adding each subdirectory to the list of directories Windows Installer should delete. If the setup author instructed `RemoveFolderEx` to delete a per-user folder from a per-machine installer, an attacker could create a directory junction in that per-user folder pointing to a per-machine, protected directory. Windows Installer, when executing the per-machine installer after approval by an administrator, would delete the target of the directory junction. This vulnerability is fixed in 3.14.1 and 4.0.5.
CVE-2021-4287 1 Microsoft 1 Binwalk 2024-03-21 N/A 6.5 MEDIUM
A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possible to launch the attack remotely. Upgrading to version 2.3.3 is able to address this issue. The name of the patch is fa0c0bd59b8588814756942fe4cb5452e76c1dcd. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216876.
CVE-2019-11879 1 Ruby-lang 1 Webrick 2024-03-21 2.1 LOW 5.5 MEDIUM
The WEBrick gem 1.4.2 for Ruby allows directory traversal if the attacker once had local access to create a symlink to a location outside of the web root directory. NOTE: The vendor states that this is analogous to Options FollowSymlinks in the Apache HTTP Server, and therefore it is "not a problem.
CVE-2008-5135 1 Debian 1 Os-prober 2024-03-21 6.2 MEDIUM N/A
os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-root users.
CVE-2008-5034 1 A Mennucc1 1 Printfilters-ppd 2024-03-21 6.9 MEDIUM N/A
master-filter in printfilters-ppd 2.13 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filter.debug temporary file. NOTE: the vendor disputes this vulnerability, stating 'this package does not have " possibility of attack with the help of symlinks"'
CVE-2008-4998 1 Twiki 1 Twiki 2024-03-21 6.9 MEDIUM N/A
postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. NOTE: the vendor disputes this vulnerability, stating "this bug is invalid.
CVE-2008-4997 1 Pilot-qof 1 Datafreedom-perl 2024-03-21 6.9 MEDIUM N/A
dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/zenity temporary file. NOTE: the vendor disputes this vulnerability, stating that the vector is solely "an EXAMPLE used in the manpage.
CVE-2008-4996 1 Debian 1 Initramfs-tools 2024-03-21 6.9 MEDIUM N/A
init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is [used in] a single-user context; there's no possibility that this is exploitable.
CVE-2008-4977 1 Postfix 1 Postfix 2024-03-21 6.9 MEDIUM N/A
postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it.
CVE-2008-4953 1 Firehol 1 Firehol 2024-03-21 6.9 MEDIUM N/A
firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks.
CVE-2008-4950 1 Debian 1 Dpkg-cross 2024-03-21 6.9 MEDIUM N/A
gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in this bug - the script ... is called under specific cross-building environments within a chroot.
CVE-2023-28892 1 Malwarebytes 1 Adwcleaner 2024-03-05 N/A 7.8 HIGH
Malwarebytes AdwCleaner 8.4.0 runs as Administrator and performs an insecure file delete operation on C:\AdwCleaner\Logs\AdwCleaner_Debug.log in which the target location is user-controllable, allowing a non-admin user to escalate privileges to SYSTEM via a symbolic link.
CVE-2022-20720 1 Cisco 1 Ios Xe 2024-03-04 9.0 HIGH 7.2 HIGH
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
CVE-2024-0068 2024-03-01 N/A 5.5 MEDIUM
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows File Manipulation.This issue affects Workforce Access: before 8.7.1.
CVE-2023-52138 1 Mate-desktop 1 Engrampa 2024-02-29 N/A 9.6 CRITICAL
Engrampa is an archive manager for the MATE environment. Engrampa is found to be vulnerable to a Path Traversal vulnerability that can be leveraged to achieve full Remote Command Execution (RCE) on the target. While handling CPIO archives, the Engrampa Archive manager follows symlink, cpio by default will follow stored symlinks while extracting and the Archiver will not check the symlink location, which leads to arbitrary file writes to unintended locations. When the victim extracts the archive, the attacker can craft a malicious cpio or ISO archive to achieve RCE on the target system. This vulnerability was fixed in commit 63d5dfa.
CVE-2019-11538 1 Ivanti 1 Connect Secure 2024-02-27 4.0 MEDIUM 7.7 HIGH
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1, an NFS problem could allow an authenticated attacker to access the contents of arbitrary files on the affected device.