Weaknesses of type CWE-61
140 resultsCVE-2024-28189CRITICALJudge0 vulnerable to Sandbox Escape Patch Bypass via chown running on Symbolic LinkEPSS 7.2%CVE-2024-28185CRITICALJudge0 vulnerable to Sandbox Escape via Symbolic LinkEPSS 7.1%CVE-2019-11249MEDIUMkubectl cp allows symlink directory traversalEPSS 3.7%CVE-2019-11246MEDIUMkubectl cp allows symlink directory traversalEPSS 3.6%CVE-2019-16775HIGHUnauthorized File Access in npm CLI before before version 6.13.3EPSS 3.3%CVE-2022-3592MEDIUMA symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured shEPSS 2.4%CVE-2019-11251MEDIUMkubectl cp allows symlink directory traversalEPSS 2.3%CVE-2023-37460HIGHPlexus Archiver vulnerable to Arbitrary File Creation in AbstractUnArchiverEPSS 2.1%CVE-2021-4287MEDIUMReFirm Labs binwalk Archive Extraction extractor.py symlinkEPSS 1.9%CVE-2021-32518HIGHQSAN Storage Manager - UNIX Symbolic Link (Symlink) FollowingEPSS 1.7%CVE-2026-34078CRITICALFlatpak has a complete sandbox escape leading to host file access and code execution in the host contextEPSS 1.6%CVE-2021-32508MEDIUMQSAN Storage Manager - UNIX Symbolic Link (Symlink) Following via FileStreaming functionEPSS 1.3%CVE-2021-32509MEDIUMQSAN Storage Manager - UNIX Symbolic Link (Symlink) Following via FileviewDoc functionEPSS 1.3%CVE-2021-1145MEDIUMCisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read VulnerabilityEPSS 1.3%CVE-2026-54420HIGHLiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTPEPSS 1.3%KEVCVE-2022-24904MEDIUMSymlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-serverEPSS 1.1%CVE-2017-14798HIGHlocal privilege escalation in SUSE postgresql init scriptEPSS 1.0%CVE-2024-54148HIGHGogs has a Path Traversal in file editing UIEPSS 0.8%CVE-2025-55345HIGHUnsafe symlink following in restricted workspace-write sandbox leads to RCEEPSS 0.8%CVE-2024-54661CRITICALreadline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file.EPSS 0.8%