Total
1352 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-55188 | 1 7-zip | 1 7-zip | 2025-11-04 | N/A | 3.6 LOW |
| 7-Zip before 25.01 does not always properly handle symbolic links during extraction. | |||||
| CVE-2025-48384 | 3 Apple, Debian, Git-scm | 3 Xcode, Debian Linux, Git | 2025-11-04 | N/A | 8.0 HIGH |
| Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1. | |||||
| CVE-2025-23267 | 2025-11-04 | N/A | 8.5 HIGH | ||
| NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service. | |||||
| CVE-2025-22247 | 2025-11-04 | N/A | 6.1 MEDIUM | ||
| VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM. | |||||
| CVE-2025-9870 | 1 Razer | 1 Synapse | 2025-11-04 | N/A | 7.8 HIGH |
| Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Philips HUE module installer. By creating a symbolic link, an attacker can abuse the installer to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-26375. | |||||
| CVE-2025-9869 | 1 Razer | 1 Synapse | 2025-11-04 | N/A | 7.8 HIGH |
| Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Razer Synapse Service. By creating a symbolic link, an attacker can abuse the service to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-26374. | |||||
| CVE-2023-42942 | 1 Apple | 6 Ipad Os, Ipados, Iphone Os and 3 more | 2025-11-04 | N/A | 7.8 HIGH |
| This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious app may be able to gain root privileges. | |||||
| CVE-2023-41968 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-11-04 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read arbitrary files. | |||||
| CVE-2025-43395 | 2025-11-04 | N/A | 3.3 LOW | ||
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access protected user data. | |||||
| CVE-2024-23285 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.4. An app may be able to create symlinks to protected regions of the disk. | |||||
| CVE-2025-43288 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.7. An app may be able to bypass Privacy preferences. | |||||
| CVE-2025-43446 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to modify protected parts of the file system. | |||||
| CVE-2024-44178 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system. | |||||
| CVE-2024-44132 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 8.8 HIGH |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox. | |||||
| CVE-2024-44131 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-11-04 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data. | |||||
| CVE-2024-32002 | 1 Git | 1 Git | 2025-11-04 | N/A | 9.0 CRITICAL |
| Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources. | |||||
| CVE-2025-43394 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access protected user data. | |||||
| CVE-2025-43379 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-11-04 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved validation of symlinks. This issue is fixed in visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1. An app may be able to access protected user data. | |||||
| CVE-2025-43726 | 1 Dell | 1 Alienware Command Center | 2025-11-04 | N/A | 6.7 MEDIUM |
| Dell Alienware Command Center 5.x (AWCC), versions prior to 5.10.2.0, contains an Improper Link Resolution Before File Access ('Link Following')" vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | |||||
| CVE-2024-46744 | 1 Linux | 1 Linux Kernel | 2025-11-03 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in pick_link" bug. This is caused by an uninitialised page, which is ultimately caused by a corrupted symbolic link size read from disk. The reason why the corrupted symlink size causes an uninitialised page is due to the following sequence of events: 1. squashfs_read_inode() is called to read the symbolic link from disk. This assigns the corrupted value 3875536935 to inode->i_size. 2. Later squashfs_symlink_read_folio() is called, which assigns this corrupted value to the length variable, which being a signed int, overflows producing a negative number. 3. The following loop that fills in the page contents checks that the copied bytes is less than length, which being negative means the loop is skipped, producing an uninitialised page. This patch adds a sanity check which checks that the symbolic link size is not larger than expected. -- V2: fix spelling mistake. | |||||