Vulnerabilities (CVE)

Filtered by CWE-59
Total 1264 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-2093 1 Gajim 1 Gajim 2025-04-11 3.3 LOW N/A
src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function.
CVE-2013-0200 2 Hp, Redhat 2 Linux Imaging And Printing Project, Enterprise Linux 2025-04-11 1.9 LOW N/A
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out temporary file, a different vulnerability than CVE-2011-2722.
CVE-2011-1073 2 Apple, Freebsd 2 Mac Os X, Freebsd 2025-04-11 1.9 LOW N/A
crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the existence of arbitrary files via a symlink attack on a /tmp/crontab.XXXXXXXXXX temporary file and (2) perform MD5 checksum comparisons on arbitrary pairs of files via two symlink attacks on /tmp/crontab.XXXXXXXXXX temporary files.
CVE-2012-4455 1 Opencryptoki Project 1 Opencryptoki 2025-04-11 6.2 MEDIUM N/A
openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) LCK..opencryptoki or (2) LCK..opencryptoki_stdll file in /var/lock/.
CVE-2011-2185 1 Fabfile 1 Fabric 2025-04-11 4.4 MEDIUM N/A
Fabric before 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on (1) a /tmp/fab.*.tar file or (2) certain other files in the top level of /tmp/.
CVE-2011-1072 1 Php 1 Pear 2025-04-11 3.3 LOW N/A
The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.
CVE-2012-6348 1 Centrify 2 Centrify Deployment Manager, Centrify Suite 2025-04-11 3.3 LOW N/A
Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink attack on the centrify.cmd.0 temporary file.
CVE-2009-5081 1 Gnu 1 Groff 2025-04-11 3.3 LOW N/A
The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl scripts in GNU troff (aka groff) 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2004-0969.
CVE-2013-4169 1 Gnome 1 Gnome Display Manager 2025-04-11 6.9 MEDIUM N/A
GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/.
CVE-2012-3345 1 Ioquake3 1 Ioquake3 Engine 2025-04-11 5.6 MEDIUM N/A
ioquake3 before r2253 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ioq3.pid temporary file.
CVE-2009-4664 2 Fwbuilder, Linux 2 Firewall Builder, Linux Kernel 2025-04-11 3.3 LOW N/A
Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allows local users to gain privileges via a symlink attack on an unspecified temporary file that is created by the iptables script.
CVE-2013-6402 1 Hp 1 Linux Imaging And Printing Project 2025-04-11 2.1 LOW N/A
base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file.
CVE-2011-0702 1 Feh Project 1 Feh 2025-04-11 3.3 LOW N/A
The feh_unique_filename function in utils.c in feh before 1.11.2 might allow local users to overwrite arbitrary files via a symlink attack on a /tmp/feh_ temporary file.
CVE-2013-3368 1 Bestpractical 1 Rt 2025-04-11 3.3 LOW N/A
bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with predictable name.
CVE-2010-3847 1 Gnu 1 Glibc 2025-04-11 6.9 MEDIUM N/A
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.
CVE-2013-1444 2 Debian, Marc Vertes 2 Txt2man, Txt2man 2025-04-11 3.3 LOW N/A
A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.
CVE-2011-2722 1 Hp 1 Linux Imaging And Printing Project 2025-04-11 1.2 LOW N/A
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.
CVE-2011-0012 2 Mozilla, Redhat 2 Firefox, Spice-xpi 2025-04-11 3.3 LOW N/A
The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name.
CVE-2014-1624 1 Python 1 Pyxdg 2025-04-11 3.3 LOW N/A
Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the get_runtime_dir function is called.
CVE-2010-2431 1 Apple 1 Cups 2025-04-11 2.6 LOW N/A
The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.