Vulnerabilities (CVE)

Filtered by CWE-59
Total 1271 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-17955 1 Opensuse 1 Yast2-multipath 2024-11-21 3.6 LOW 2.2 LOW
In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection
CVE-2018-17567 1 Jekyllrb 1 Jekyll 2024-11-21 5.0 MEDIUM 7.5 HIGH
Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 allows attackers to access arbitrary files by specifying a symlink in the "include" key in the "_config.yml" file.
CVE-2018-17559 1 Abus 94 Tvip 10000, Tvip 10000 Firmware, Tvip 10001 and 91 more 2024-11-21 N/A 7.5 HIGH
Due to incorrect access control, unauthenticated remote attackers can view the /video.mjpg video stream of certain ABUS TVIP cameras.
CVE-2018-15351 1 Kraftway 2 24f2xg Router, 24f2xg Router Firmware 2024-11-21 7.1 HIGH 6.5 MEDIUM
Denial of service via crafting malicious link and sending it to a privileged user can cause Denial of Service in Kraftway 24F2XG Router firmware version 3.5.30.1118.
CVE-2018-14651 3 Debian, Gluster, Redhat 3 Debian Linux, Glusterfs, Enterprise Linux 2024-11-21 6.5 MEDIUM 8.8 HIGH
It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execute arbitrary code, create arbitrary files, or cause denial of service on glusterfs server nodes via symlinks to relative paths.
CVE-2018-14335 1 H2database 1 H2 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.
CVE-2018-14329 1 Htslib 1 Htslib 2024-11-21 3.3 LOW 4.7 MEDIUM
In HTSlib 1.8, a race condition in cram/cram_io.c might allow local users to overwrite arbitrary files via a symlink attack.
CVE-2018-13054 2 Debian, Linuxmint 2 Debian Linux, Cinnamon 2024-11-21 5.8 MEDIUM 8.1 HIGH
An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of (for example) other users' icon files in _on_face_browse_menuitem_activated and _on_face_menuitem_activated. These icon files are written to the respective user's $HOME/.face location. If an unprivileged user prepares a symlink pointing to an arbitrary location, then this location will be overwritten with the icon content.
CVE-2018-12026 1 Phusion 1 Passenger 2024-11-21 7.5 HIGH 9.8 CRITICAL
During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such applications to replace key files or directories in the spawning communication directory with symlinks. This then could result in arbitrary reads and writes, which in turn can result in information disclosure and privilege escalation.
CVE-2018-12015 6 Apple, Archive\, Canonical and 3 more 9 Mac Os X, \, Ubuntu Linux and 6 more 2024-11-21 6.4 MEDIUM 7.5 HIGH
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
CVE-2018-11637 1 Dialogic 1 Powermedia Xms 2024-11-21 5.0 MEDIUM 7.5 HIGH
Information leakage vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to read arbitrary files from the /var/ directory because a symlink exists under the web root.
CVE-2018-10928 4 Debian, Gluster, Opensuse and 1 more 7 Debian Linux, Glusterfs, Leap and 4 more 2024-11-21 6.5 MEDIUM 8.8 HIGH
A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes.
CVE-2018-10897 2 Redhat, Rpm 5 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation and 2 more 2024-11-21 9.3 HIGH 8.1 HIGH
A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.
CVE-2018-10722 1 Cylance 1 Cylanceprotect 2024-11-21 7.2 HIGH 7.8 HIGH
In Cylance CylancePROTECT before 1470, an unprivileged local user can obtain SYSTEM privileges because users have Modify access to the %PROGRAMFILES%\Cylance\Desktop\log folder, the CyUpdate process grants users Modify access to new files created in this folder, and a new file can be a symlink chain to a pathname of an arbitrary DLL that CyUpdate uses.
CVE-2018-10380 3 Debian, Kde, Opensuse 3 Debian Linux, Plasma, Leap 2024-11-21 7.2 HIGH 7.8 HIGH
kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack.
CVE-2018-1000544 3 Debian, Redhat, Rubyzip Project 3 Debian Linux, Cloudforms, Rubyzip 2024-11-21 7.5 HIGH 9.8 CRITICAL
rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. This attack appear to be exploitable via If a site allows uploading of .zip files , an attacker can upload a malicious file that contains symlinks or files with absolute pathnames "../" to write arbitrary files to the filesystem..
CVE-2018-1000073 1 Rubygems 1 Rubygems 2024-11-21 5.0 MEDIUM 7.5 HIGH
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in install_location function of package.rb that can result in path traversal when writing to a symlinked basedir outside of the root. This vulnerability appears to have been fixed in 2.7.6.
CVE-2017-7500 1 Rpm 1 Rpm 2024-11-21 7.2 HIGH 7.3 HIGH
It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege.
CVE-2017-5188 1 Opensuse 1 Open Build Service 2024-11-21 5.0 MEDIUM 5.0 MEDIUM
The bs_worker code in open build service before 20170320 followed relative symlinks, allowing reading of files outside of the package source directory during build, allowing leakage of private information.
CVE-2017-2619 3 Debian, Redhat, Samba 3 Debian Linux, Enterprise Linux, Samba 2024-11-21 6.0 MEDIUM 7.5 HIGH
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.