Total
1299 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1753 | 1 Emn | 1 Coccinelle | 2025-04-09 | 3.3 LOW | N/A |
| Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file." | |||||
| CVE-2008-6759 | 1 Viart | 1 Viart Shop | 2025-04-09 | 4.3 MEDIUM | N/A |
| ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via a URL in the POST_DATA parameter to manuals_search.php, which reveals the installation path in an error message. | |||||
| CVE-2008-4988 | 1 Lars Bahner | 1 Xcal | 2025-04-09 | 6.9 MEDIUM | N/A |
| pscal in xcal 4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pscal##### temporary file. | |||||
| CVE-2008-4990 | 1 Enomaly | 1 Elastic Computing Platform | 2025-04-09 | 6.9 MEDIUM | N/A |
| Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file. | |||||
| CVE-2008-4966 | 1 Openswan | 1 Linux-patch-openswan | 2025-04-09 | 6.9 MEDIUM | N/A |
| linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/snap##### and (b) /tmp/nightly##### temporary files, related to the (1) maysnap and (2) maytest scripts. | |||||
| CVE-2009-3304 | 1 Gforge | 1 Gforge | 2025-04-09 | 3.3 LOW | N/A |
| GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbitrary files via a symlink attack on authorized_keys files in users' home directories, related to deb-specific/ssh_dump_update.pl and cronjobs/cvs-cron/ssh_create.php. | |||||
| CVE-2008-4639 | 1 Sentex | 1 Jhead | 2025-04-09 | 4.6 MEDIUM | N/A |
| jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2008-5135 | 1 Debian | 1 Os-prober | 2025-04-09 | 6.2 MEDIUM | N/A |
| os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-root users. | |||||
| CVE-2008-4104 | 1 Joomla | 1 Joomla | 2025-04-09 | 5.8 MEDIUM | N/A |
| Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL. | |||||
| CVE-2008-5150 | 1 Jose Carlos Medeiros | 1 Maildirsync | 2025-04-09 | 6.9 MEDIUM | N/A |
| sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink attack on a /tmp/maildirsync-*.#####.log temporary file. | |||||
| CVE-2008-5374 | 1 Matthias Klose | 1 Bash-doc | 2025-04-09 | 6.9 MEDIUM | N/A |
| bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to the (1) aliasconv.sh, (2) aliasconv.bash, and (3) cshtobash scripts. | |||||
| CVE-2008-5139 | 1 Javier Fernandez | 1 Jailer | 2025-04-09 | 6.9 MEDIUM | N/A |
| updatejail in jailer 0.4 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/#####.updatejail temporary file. | |||||
| CVE-2008-4968 | 1 Bitmover | 1 Lmbench | 2025-04-09 | 6.9 MEDIUM | N/A |
| The (1) rccs and (2) STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff.##### temporary file. | |||||
| CVE-2009-4454 | 1 Saini | 1 Videocache | 2025-04-09 | 3.3 LOW | N/A |
| vccleaner in VideoCache 1.9.2 allows local users with Squid proxy user privileges to overwrite arbitrary files via a symlink attack on /var/log/videocache/vccleaner.log. | |||||
| CVE-2009-0313 | 1 Kegel | 1 Winetricks | 2025-04-09 | 6.9 MEDIUM | N/A |
| winetricks before 20081223 allows local users to overwrite arbitrary files via a symlink attack on the x_showmenu.txt temporary file. | |||||
| CVE-2008-4951 | 1 Gplhost | 1 Dtc-common | 2025-04-09 | 6.9 MEDIUM | N/A |
| dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/awstats.log, (b) /tmp/spam.log.#####, and (c) /tmp/spam_err.log temporary files, related to the (1) accesslog.php and (2) sa-wrapper scripts. | |||||
| CVE-2008-5141 | 1 Dann Frazier | 1 Flamethrower | 2025-04-09 | 6.9 MEDIUM | N/A |
| flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/multicast.tar.##### temporary file. | |||||
| CVE-2008-6397 | 1 Alcovebook | 1 Sgml2x | 2025-04-09 | 4.4 MEDIUM | N/A |
| rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2008-4952 | 1 Emacs | 1 Emacs-jabber | 2025-04-09 | 6.9 MEDIUM | N/A |
| emacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.log temporary file. | |||||
| CVE-2022-3592 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2025-04-08 | N/A | 6.5 MEDIUM |
| A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the file system under a share via SMB1 unix extensions or NFS to create symlinks to files outside the 'smbd' configured share path and gain access to another restricted server's filesystem. | |||||