Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardlink vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2020-9451
An issue exists in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe keeps a log in a folder where unprivileged users have write permissions. The logs are generated in a predictable pattern, allowing an unprivileged user to create a hardlink from a (not yet created)...
Acronis True Image 2020 24.5.22510
445
VMScore
CVE-2017-5601
An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote malicious users to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive.
Libarchive Libarchive 3.2.2
641
VMScore
CVE-2020-9452
An issue exists in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe includes functionality to quarantine files by copying a suspected ransomware file from one directory to another using SYSTEM privileges. Because unprivileged users have write permissions in the qua...
Acronis True Image 2020 24.5.22510
643
VMScore
CVE-2018-8440
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Wi...
Microsoft Windows 10 1703
Microsoft Windows 10 1803
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 1709
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows 10 1709
Microsoft Windows 7 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1803
5 Github repositories
2 Articles
668
VMScore
CVE-2014-6407
Docker prior to 1.3.2 allows remote malicious users to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.
Docker Docker
Docker Docker 1.3.0
Docker Docker 1.0.0
1 Article
445
VMScore
CVE-2014-6408
Docker 1.3.0 up to and including 1.3.1 allows remote malicious users to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image.
Docker Docker 1.3.0
Docker Docker 1.3.1
1 Article
641
VMScore
CVE-2019-19741
Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies...
Ea Origin
614
VMScore
CVE-2021-44730
snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2...
Canonical Snapd
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.10
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
625
VMScore
CVE-2008-2936
Postfix prior to 2.3.15, 2.4 prior to 2.4.8, 2.5 prior to 2.5.4, and 2.6 prior to 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this ...
Postfix Postfix 2.5.0
Postfix Postfix 2.3.11
Postfix Postfix 2.3.6
Postfix Postfix 2.3.0
Postfix Postfix 2.5.2
Postfix Postfix 2.4.0
Postfix Postfix 2.3.12
Postfix Postfix 2.3.10
Postfix Postfix 2.4.5
Postfix Postfix 2.3.9
Postfix Postfix 2.3.2
Postfix Postfix 2.3.7
Postfix Postfix 2.3.14
Postfix Postfix 2.4.3
Postfix Postfix 2.5.3
Postfix Postfix 2.6.0
Postfix Postfix 2.4.7
Postfix Postfix 2.4.2
Postfix Postfix 2.3.4
Postfix Postfix 2.3.3
Postfix Postfix 2.3.1
Postfix Postfix 2.5.1
1 EDB exploit
NA
CVE-2024-32020
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source rep...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »