Total
1445 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5703 | 1 Gpsdrive | 1 Gpsdrive | 2026-04-23 | 6.2 MEDIUM | N/A |
| gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/.smswatch or (b) /tmp/gpsdrivepos temporary file, related to (1) examples/gpssmswatch and (2) src/splash.c, different vectors than CVE-2008-4959 and CVE-2008-5380. | |||||
| CVE-2008-0930 | 2 Debian, Freshmeat | 2 Debian Linux, Xwine | 2026-04-23 | 7.2 HIGH | N/A |
| w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5377 | 1 Apple | 1 Cups | 2026-04-23 | 6.9 MEDIUM | N/A |
| pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333. | |||||
| CVE-2008-3329 | 1 Twibright | 1 Links | 2026-04-23 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." | |||||
| CVE-2008-3216 | 1 Debian | 1 Projectl | 2026-04-23 | 4.6 MEDIUM | N/A |
| The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2008-4996 | 1 Debian | 1 Initramfs-tools | 2026-04-23 | 6.9 MEDIUM | 5.5 MEDIUM |
| init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is [used in] a single-user context; there's no possibility that this is exploitable. | |||||
| CVE-2008-0806 | 1 Paul Pelzl | 1 Wyrd | 2026-04-23 | 3.6 LOW | N/A |
| wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file. | |||||
| CVE-2008-4982 | 1 John Horne | 1 Rkhunter | 2026-04-23 | 6.9 MEDIUM | N/A |
| rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rkhunter-debug temporary file. NOTE: this is probably a different vulnerability than CVE-2005-1270. | |||||
| CVE-2008-3946 | 1 Hp | 1 Openvms | 2026-04-23 | 4.9 MEDIUM | N/A |
| The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file. | |||||
| CVE-2007-5200 | 1 Opensuse | 1 Opensuse | 2026-04-23 | 3.3 LOW | N/A |
| hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file. | |||||
| CVE-2008-3883 | 1 Caudium | 1 Caudium | 2026-04-23 | 7.2 HIGH | N/A |
| configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/roken#####.pike temporary file. | |||||
| CVE-2008-0883 | 2 Adobe, Suse | 4 Acrobat Reader, Open Suse, Suse Linux and 1 more | 2026-04-23 | 3.7 LOW | N/A |
| acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling. | |||||
| CVE-2008-3227 | 1 Joomla | 1 Joomla | 2026-04-23 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability. | |||||
| CVE-2008-5146 | 1 Erl Wustl | 1 Ctn | 2026-04-23 | 6.9 MEDIUM | N/A |
| add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/accession temporary file. | |||||
| CVE-2008-4694 | 1 Opera | 1 Opera Browser | 2026-04-23 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a redirect that specifies a crafted URL. | |||||
| CVE-2009-4135 | 3 Canonical, Fedoraproject, Gnu | 3 Ubuntu Linux, Fedora, Coreutils | 2026-04-23 | 4.4 MEDIUM | N/A |
| The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp. | |||||
| CVE-2008-4832 | 1 Rpath | 3 Appliance Platform Linux Service, Initscripts, Linux | 2026-04-23 | 6.9 MEDIUM | N/A |
| rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time. | |||||
| CVE-2008-4960 | 1 Dov Grobgeld | 1 Impose\+ | 2026-04-23 | 6.9 MEDIUM | N/A |
| impose in impose+ 0.2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-tmp.ps and (2) /tmp/bboxx-* temporary files. | |||||
| CVE-2008-4977 | 1 Postfix | 1 Postfix | 2026-04-23 | 6.9 MEDIUM | N/A |
| postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it. | |||||
| CVE-2008-4943 | 1 Iglues | 1 Bulmages-servers | 2026-04-23 | 6.9 MEDIUM | N/A |
| bulmages-servers 0.11.1 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/error.txt, (b) /tmp/errores.txt, and possibly other temporary files, related to the (1) creabulmafact, (2) creabulmacont, and possibly (3) actualizabulmacont, (4) installbulmages-db, and (5) actualizabulmafact scripts. | |||||