Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardlink vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2016-5293
When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerabi...
Mozilla Firefox Esr
Mozilla Firefox
Debian Debian Linux 8.0
2.1
CVSSv2
CVE-2015-3170
selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy.
Selinux Project Selinux -
5
CVSSv2
CVE-2017-5601
An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote malicious users to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive.
Libarchive Libarchive 3.2.2
5
CVSSv2
CVE-2016-4809
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive prior to 3.2.1 allows remote malicious users to cause a denial of service (application crash) via a CPIO archive with a large symlink.
Redhat Enterprise Linux Hpc Node 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Hpc Node Eus 7.2
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Server Aus 7.2
Oracle Linux 6
Oracle Linux 7
Libarchive Libarchive
5
CVSSv2
CVE-2014-6408
Docker 1.3.0 up to and including 1.3.1 allows remote malicious users to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image.
Docker Docker 1.3.0
Docker Docker 1.3.1
1 Article
7.5
CVSSv2
CVE-2014-6407
Docker prior to 1.3.2 allows remote malicious users to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.
Docker Docker
Docker Docker 1.3.0
Docker Docker 1.0.0
1 Article
7.2
CVSSv2
CVE-2014-4433
Heap-based buffer overflow in the kernel in Apple OS X prior to 10.10 allows physically proximate malicious users to execute arbitrary code via crafted resource forks in an HFS filesystem.
Apple Mac Os X
4.9
CVSSv2
CVE-2014-4434
The kernel in Apple OS X prior to 10.10 allows physically proximate malicious users to cause a denial of service (NULL pointer dereference and system crash) via a crafted filename on an HFS filesystem.
Apple Mac Os X
4.7
CVSSv2
CVE-2013-6799
Apple Mac OS X 10.9 allows local users to cause a denial of service (memory corruption or panic) by creating a hard link to a directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0105.
Apple Mac Os X 10.9
1 EDB exploit
3.7
CVSSv2
CVE-2013-5710
The nullfs implementation in sys/fs/nullfs/null_vnops.c in the kernel in FreeBSD 8.3 up to and including 9.2 allows local users with certain permissions to bypass access restrictions via a hardlink in a nullfs instance to a file in a different instance.
Freebsd Freebsd 8.0
Freebsd Freebsd 8.3
Freebsd Freebsd 8.4
Freebsd Freebsd 9.0
Freebsd Freebsd 9.1
Freebsd Freebsd 9.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »