Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hardlink vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2011-3630
Hardlink prior to 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, lead...
Hardlink Project Hardlink
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
7.1
CVSSv3
CVE-2011-3632
Hardlink prior to 0.1.2 operates on full file system objects path names which can allow a local malicious user to use this flaw to conduct symlink attacks.
Hardlink Project Hardlink
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
8.8
CVSSv3
CVE-2011-3631
Hardlink prior to 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a specially-crafted directory tree and...
Hardlink Project Hardlink
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
NA
CVE-2014-4433
Heap-based buffer overflow in the kernel in Apple OS X prior to 10.10 allows physically proximate malicious users to execute arbitrary code via crafted resource forks in an HFS filesystem.
Apple Mac Os X
NA
CVE-2014-4434
The kernel in Apple OS X prior to 10.10 allows physically proximate malicious users to cause a denial of service (NULL pointer dereference and system crash) via a crafted filename on an HFS filesystem.
Apple Mac Os X
NA
CVE-2013-6799
Apple Mac OS X 10.9 allows local users to cause a denial of service (memory corruption or panic) by creating a hard link to a directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0105.
Apple Mac Os X 10.9
1 EDB exploit
7.5
CVSSv3
CVE-2018-20835
A vulnerability was found in tar-fs prior to 1.16.2. An Arbitrary File Overwrite issue exists when extracting a tarball containing a hardlink to a file that already exists on the system, in conjunction with a later plain file with the same name as the hardlink. This plain file co...
Tar-fs Project Tar-fs
27 Github repositories
NA
CVE-2010-0105
The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x prior to 10.6.5 supports hard links to directories and does not prevent certain deeply nested directory structures, which allows local users to cause a denial of service (filesystem corruption) via a crafted application t...
Apple Mac Os X 10.5.8
Apple Mac Os X 10.6.0
Apple Mac Os X 10.6.4
Apple Mac Os X 10.6.1
Apple Mac Os X 10.6.3
Apple Mac Os X 10.6.2
1 EDB exploit
7.5
CVSSv3
CVE-2018-20834
A vulnerability was found in node-tar before version 4.4.2 (excluding version 2.2.2). An Arbitrary File Overwrite issue exists when extracting a tarball containing a hardlink to a file that already exists on the system, in conjunction with a later plain file with the same name as...
Node-tar Project Node-tar
4 Github repositories
7.5
CVSSv3
CVE-2019-13173
fstream prior to 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstre...
Fstream Project Fstream
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »