Vulnerabilities (CVE)

CWE filter: CWE-59

523 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-13636 1 Gnu 1 Patch 2019-07-23 5.8
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
CVE-2018-20834 1 Node-tar Project 1 Node-tar 2019-07-22 6.4
A vulnerability was found in node-tar before version 4.4.2. An Arbitrary File Overwrite issue exists when extracting a tarball containing a hardlink to a file that already exists on the system, in conjunction with a later plain file with the same...
CVE-2019-12779 1 Clusterlabs 1 Libqb 2019-07-19 6.6
libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL.
CVE-2019-12571 1 Londontrustmedia 1 Private Internet Access Vpn Client 2019-07-16 6.6
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v0.9.8 beta (build 02099) for macOS could allow an authenticated, local attacker to overwrite arbitrary files. When the client initiates a connection, the XML...
CVE-2019-12573 1 Londontrustmedia 1 Private Internet Access Vpn Client 2019-07-16 6.6
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to overwrite arbitrary files. The openvpn_launcher binary is setuid root. This binary supports...
CVE-2019-11503 1 Canonical 1 Snapd 2019-07-13 5.0
snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir() to the current working directory of the calling user, aka a "cwd restore permission bypass."
CVE-2019-13228 2019-07-11 6.6
deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to download an ISO file, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary...
CVE-2019-13229 2019-07-10 6.6
deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper::getPartitionSizeInfo() function to write a log file as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite...
CVE-2019-13227 2019-07-10 6.6
In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system...
CVE-2019-13226 2019-07-10 6.9
deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper::temporaryMountDevice() function to temporarily mount a file system as root. An unprivileged user can prepare a symlink at this location...
CVE-2013-4969 4 Puppetlabs, Canonical, Debian and 1 more 4 Puppet, Ubuntu Linux, Debian Linux and 1 more 2019-07-10 2.1
Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files.
CVE-2011-3870 2 Puppetlabs, Puppet 2 Puppet, Puppet 2019-07-10 6.3
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file.
CVE-2011-3869 2 Puppetlabs, Puppet 2 Puppet, Puppet 2019-07-10 6.3
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file.
CVE-2019-1002101 2 Kubernetes, Redhat 2 Kubernetes, Openshift Container Platform 2019-06-21 5.8
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user's machine. If the...
CVE-2019-3567 1 Facebook 1 Osquery 2019-06-04 9.3
In some configurations an attacker can inject a new executable path into the extensions.load file for osquery and hard link a parent folder of a malicious binary to a folder with known 'safe' permissions. Under those circumstances osquery will...
CVE-2015-1335 2 Linuxcontainers, Canonical 2 Ubuntu Linux, Lxc 2019-05-31 7.2
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
CVE-2015-1331 1 Linuxcontainers 1 Lxc 2019-05-31 4.9
lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.
CVE-2019-9949 2019-05-29 9.0
Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The...
CVE-2017-1000115 3 Mercurial, Debian, Redhat 8 Mercurial, Debian Linux, Enterprise Linux Desktop and 5 more 2019-05-10 5.0
Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can allow malicious repositories to modify files outside the repository.
CVE-2015-7529 3 Sosreport Project, Canonical, Redhat 8 Sosreport, Ubuntu Linux, Enterprise Linux Desktop and 5 more 2019-05-09 4.6
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in...