Search Results (1825 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-1255 2 Canonical, Debian 3 Ubuntu Linux, Debian Linux, Postgresql-common 2025-04-20 N/A
The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1, in Ubuntu 17.04 before 179ubuntu0.1, and in Ubuntu 17.10 before 184ubuntu1.1 allows local users to gain root privileges via a symlink attack on a logfile in /var/log/postgresql.
CVE-2016-10089 1 Nagios 1 Nagios 2025-04-20 N/A
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.
CVE-2017-12172 2 Postgresql, Redhat 4 Postgresql, Enterprise Linux, Rhel Software Collections and 1 more 2025-04-20 N/A
PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own, packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root, they open(), chmod() and/or chown() this log file name. This often suffices for the database superuser to escalate to root privileges when root starts the server.
CVE-2016-6253 1 Netbsd 1 Netbsd 2025-04-20 N/A
mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox.
CVE-2017-2684 1 Siemens 1 Simatic Logon 2025-04-20 N/A
Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.
CVE-2016-9774 3 Apache, Canonical, Debian 3 Tomcat, Ubuntu Linux, Debian Linux 2025-04-20 N/A
The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u8 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to obtain sensitive information or gain root privileges via a symlink attack on the Catalina localhost directory.
CVE-2016-4679 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2025-04-20 N/A
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "libarchive" component, which allows remote attackers to write to arbitrary files via a crafted archive containing a symlink.
CVE-2017-12258 1 Cisco 1 Unified Communications Manager 2025-04-20 N/A
A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML inline frames (iframes). An attacker could exploit this vulnerability by directing a user of the affected software to an attacker-controlled web page that contains a malicious HTML inline frame. A successful exploit could allow the attacker to conduct click-jacking or other types of client-side browser attacks. Cisco Bug IDs: CSCve60993.
CVE-2024-0206 2 Microsoft, Trellix 2 Windows, Anti-malware Engine 2025-04-17 7.1 High
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symbolic link to files that the user wouldn't normally have permission to. After a scan, the Engine would follow the links and remove the files
CVE-2022-2897 1 Measuresoft 2 Scadapro Client, Scadapro Server 2025-04-16 7.8 High
Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow privilege escalation..
CVE-2022-2898 1 Measuresoft 2 Scadapro Client, Scadapro Server 2025-04-16 6.1 Medium
Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow a denial-of-service condition.
CVE-2022-45412 5 Apple, Google, Linux and 2 more 11 Macos, Android, Linux Kernel and 8 more 2025-04-15 8.8 High
When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. <br>*This bug only affects Thunderbird on Unix-based operated systems (Android, Linux, MacOS). Windows is unaffected.*. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
CVE-2022-45798 2 Microsoft, Trendmicro 2 Windows, Apex One 2025-04-15 7.8 High
A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges by creating a symbolic link and abusing the service to delete a file. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2022-4563 1 Freedom 1 Securedrop 2025-04-15 7.8 High
A vulnerability was found in Freedom of the Press SecureDrop. It has been rated as critical. Affected by this issue is some unknown functionality of the file gpg-agent.conf. The manipulation leads to symlink following. Local access is required to approach this attack. The name of the patch is b0526a06f8ca713cce74b63e00d3730618d89691. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215972.
CVE-2023-38159 1 Microsoft 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more 2025-04-14 7 High
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-36568 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2025-04-14 7 High
Microsoft Office Click-To-Run Elevation of Privilege Vulnerability
CVE-2023-36711 1 Microsoft 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more 2025-04-14 7.8 High
Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
CVE-2023-36723 1 Microsoft 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more 2025-04-14 7.8 High
Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2023-36737 1 Microsoft 1 Azure Network Watcher 2025-04-14 7.8 High
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
CVE-2013-4472 1 Freedesktop 1 Poppler 2025-04-12 N/A
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.