Total
1267 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4832 | 1 Rpath | 3 Appliance Platform Linux Service, Initscripts, Linux | 2025-04-09 | 6.9 MEDIUM | N/A |
| rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time. | |||||
| CVE-2008-4960 | 1 Dov Grobgeld | 1 Impose\+ | 2025-04-09 | 6.9 MEDIUM | N/A |
| impose in impose+ 0.2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-tmp.ps and (2) /tmp/bboxx-* temporary files. | |||||
| CVE-2008-4977 | 1 Postfix | 1 Postfix | 2025-04-09 | 6.9 MEDIUM | N/A |
| postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it. | |||||
| CVE-2008-4943 | 1 Iglues | 1 Bulmages-servers | 2025-04-09 | 6.9 MEDIUM | N/A |
| bulmages-servers 0.11.1 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/error.txt, (b) /tmp/errores.txt, and possibly other temporary files, related to the (1) creabulmafact, (2) creabulmacont, and possibly (3) actualizabulmacont, (4) installbulmages-db, and (5) actualizabulmafact scripts. | |||||
| CVE-2008-5148 | 1 Geda | 1 Gnetlist | 2025-04-09 | 6.9 MEDIUM | N/A |
| sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file. | |||||
| CVE-2008-4162 | 1 Nooms | 1 Nooms | 2025-04-09 | 4.3 MEDIUM | N/A |
| Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter. | |||||
| CVE-2008-5034 | 1 A Mennucc1 | 1 Printfilters-ppd | 2025-04-09 | 6.9 MEDIUM | N/A |
| master-filter in printfilters-ppd 2.13 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filter.debug temporary file. NOTE: the vendor disputes this vulnerability, stating 'this package does not have " possibility of attack with the help of symlinks"' | |||||
| CVE-2008-5145 | 1 Debian | 1 Ltp | 2025-04-09 | 6.9 MEDIUM | N/A |
| ltpmenu in ltp 20060918 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/runltp.mainmenu.##### temporary file. | |||||
| CVE-2008-5378 | 1 Lehrstuhl Fur Mikrobiologie | 1 Arb | 2025-04-09 | 6.9 MEDIUM | N/A |
| arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arb_pids_*_* temporary file. | |||||
| CVE-2008-4958 | 1 Alejandro Garrido Mota | 1 Gdrae | 2025-04-09 | 6.9 MEDIUM | N/A |
| gdrae in gdrae 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gdrae/palabra temporary file. | |||||
| CVE-2008-4967 | 1 Linuxtrade | 1 Linuxtrade | 2025-04-09 | 6.9 MEDIUM | N/A |
| linuxtrade 3.65 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/bwk, (b) /tmp/zzz, and (c) /tmp/ggg temporary files, related to the (1) linuxtrade.bwkvol, (2) linuxtrade.wn, and (3) moneyam.helper scripts. | |||||
| CVE-2007-4129 | 2 Fedoraproject, Redhat | 2 Coolkey, Enterprise Linux | 2025-04-09 | 3.3 LOW | N/A |
| CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory. | |||||
| CVE-2008-4983 | 1 Scilab | 1 Scilab-bin | 2025-04-09 | 6.9 MEDIUM | N/A |
| scilab-bin 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/SciLink#####1, (b) /tmp/SciLink#####2, (c) /tmp/SciLink#####3, (d) /tmp/*.#####, (e) /tmp/*.#####.res, (f) /tmp/*.#####.err, and (g) /tmp/*.#####.diff temporary files, related to the (1) scilink, (2) scidoc, and (3) scidem scripts. | |||||
| CVE-2008-4954 | 1 Fumitoshi Ukai | 1 Fml | 2025-04-09 | 6.9 MEDIUM | N/A |
| mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/debugbuf temporary file. | |||||
| CVE-2008-5376 | 1 Crip | 1 Crip | 2025-04-09 | 6.9 MEDIUM | N/A |
| editcomment in crip 3.7 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.tag.tmp temporary file. | |||||
| CVE-2007-3919 | 2 Debian, Xensource Inc | 2 Debian Linux, Xen | 2025-04-09 | 6.0 MEDIUM | N/A |
| (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm. | |||||
| CVE-2006-5851 | 1 Openbase International Ltd | 1 Openbase | 2025-04-09 | 2.1 LOW | N/A |
| openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328. | |||||
| CVE-2008-5372 | 1 Jonas Smedegaard | 1 Sdm-terminal | 2025-04-09 | 6.9 MEDIUM | N/A |
| sdm-login in sdm-terminal 0.4.0b allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sdm.autologin.once temporary file. | |||||
| CVE-2008-4948 | 1 Nostatic | 1 Digitaldj | 2025-04-09 | 6.9 MEDIUM | N/A |
| fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file. | |||||
| CVE-2008-4098 | 4 Canonical, Debian, Mysql and 1 more | 4 Ubuntu Linux, Debian Linux, Mysql and 1 more | 2025-04-09 | 4.6 MEDIUM | N/A |
| MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097. | |||||