Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVEs (1,502)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-8860 1Nodejs 1Node.js May 13, 2026 Jan 23, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The tar package before 2.0.0 for Node.js allows remote attackers to write to arbitrary files via a symlink attack in an archive.
CVE-2016-6253 1Netbsd 1Netbsd May 13, 2026 Jan 20, 2017 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox.
CVE-2016-9566 1Nagios 1Nagios May 6, 2026 Dec 15, 2016 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers u...Show more base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565.Show less
CVE-2016-6664 3Mariadb OraclePercona 4Mariadb MysqlPercona Server+1 more May 6, 2026 Dec 13, 2016 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster befo...Show more mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.Show less
CVE-2016-1247 2F5 Fedoraproject 2Fedora Nginx May 6, 2026 Nov 29, 2016 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10,...Show more The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local users with access to the web server user account to gain root privileges via a symlink attack on the error log.Show less
CVE-2016-7490 1Teradata 1Studio Express May 6, 2026 Nov 10, 2016 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The installation script studioexpressinstall for Teradata Studio Express 15.12.00.00 creates files in /tmp insecurely. A malicious local user could create a symlink in /tmp and possibly clobber system files or perhaps el...Show more The installation script studioexpressinstall for Teradata Studio Express 15.12.00.00 creates files in /tmp insecurely. A malicious local user could create a symlink in /tmp and possibly clobber system files or perhaps elevate privileges.Show less
CVE-2016-3096 2Fedoraproject Redhat 2Ansible Fedora May 6, 2026 Jun 3, 2016 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-scrip...Show more The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.Show less
CVE-2015-0858 2Debian Tardiff Project 2Debian Linux Tardiff May 6, 2026 May 6, 2016 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a pathname in a /tmp/tardiff-$$ temporary directory.
CVE-2015-6566 2Fedoraproject Zarafa 2Fedora Zarafa Collaboration Platform May 6, 2026 Jan 11, 2016 N/A· v4 8.4 HIGH· v3 7.2 HIGH· v2 zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*.
CVE-2015-7758 2Gummi Project Opensuse 3Gummi LeapOpensuse May 6, 2026 Jan 8, 2016 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the f...Show more Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux.Show less
CVE-2015-5287 1Redhat 5Automatic Bug Reporting Tool Enterprise Linux DesktopEnterprise Linux Hpc Node+2 more May 6, 2026 Dec 7, 2015 N/A· v4 N/A· v3 6.9 MEDIUM· v2 The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated b...Show more The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.Show less
CVE-2015-5273 1Redhat 5Automatic Bug Reporting Tool Enterprise Linux DesktopEnterprise Linux Hpc Node+2 more May 6, 2026 Dec 7, 2015 N/A· v4 N/A· v3 3.6 LOW· v2 The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created direc...Show more The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp.Show less
CVE-2015-0794 1Dracut Project 1Dracut May 6, 2026 Nov 19, 2015 N/A· v4 N/A· v3 3.6 LOW· v2 modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2 allows local users to have unspecified impact via a symlink attack on /tmp/dracut_block_uuid.map.
CVE-2015-1338 2Apport Project Canonical 2Apport Ubuntu Linux May 6, 2026 Oct 1, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
CVE-2015-1335 2Canonical Linuxcontainers 2Lxc Ubuntu Linux May 6, 2026 Oct 1, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
CVE-2015-6927 1Openvz 1Vzctl May 6, 2026 Sep 28, 2015 N/A· v4 N/A· v3 3.6 LOW· v2 vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container (CT) root users to change the root pa...Show more vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container (CT) root users to change the root password for arbitrary ploop containers, as demonstrated by a symlink attack on the ploop container root.hdd file and then access a control panel.Show less
CVE-2015-5752 1Apple 1Iphone Os May 6, 2026 Aug 17, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink.
CVE-2015-3759 1Apple 1Iphone Os May 6, 2026 Aug 16, 2015 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions on filesystem modification via a symlink.
CVE-2015-1331 1Linuxcontainers 1Lxc May 6, 2026 Aug 12, 2015 N/A· v4 N/A· v3 4.9 MEDIUM· v2 lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.
CVE-2015-3436 1Zarafa 1Zarafa Collaboration Platform May 6, 2026 Jun 9, 2015 N/A· v4 N/A· v3 6.6 MEDIUM· v2 provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-lock.

Previous 1...525354...76 Next