Total
1363 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-6402 | 1 Hp | 1 Linux Imaging And Printing Project | 2025-04-11 | 2.1 LOW | N/A |
| base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file. | |||||
| CVE-2010-1693 | 1 Openfabrics | 1 Enterprise Distribution | 2025-04-11 | 6.3 MEDIUM | N/A |
| openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file. | |||||
| CVE-2010-0546 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | 3.3 LOW | N/A |
| Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete arbitrary folders via a symlink attack in conjunction with an unmount operation on a crafted volume, related to the Cleanup At Startup folder. | |||||
| CVE-2011-3870 | 2 Puppet, Puppetlabs | 2 Puppet, Puppet | 2025-04-11 | 6.3 MEDIUM | N/A |
| Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file. | |||||
| CVE-2011-4028 | 1 X.org | 1 X Server | 2025-04-11 | 1.2 LOW | N/A |
| The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists. | |||||
| CVE-2012-2103 | 1 Munin-monitoring | 1 Munin | 2025-04-11 | 1.2 LOW | N/A |
| The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names. | |||||
| CVE-2013-2142 | 1 Libimobiledevice | 1 Libimobiledevice | 2025-04-11 | 3.3 LOW | N/A |
| userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in /tmp/root/.config/libimobiledevice/. | |||||
| CVE-2013-2217 | 3 Jeff Ortel, Opensuse, Redhat | 3 Suds, Opensuse, Enterprise Linux | 2025-04-11 | 1.2 LOW | N/A |
| cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/. | |||||
| CVE-2011-0754 | 2 Microsoft, Php | 2 Windows, Php | 2025-04-11 | 4.4 MEDIUM | N/A |
| The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack of a FILE_ATTRIBUTE_REPARSE_POINT check. | |||||
| CVE-2012-5355 | 1 Bryce Harrington | 1 Xdiagnose | 2025-04-11 | 3.3 LOW | N/A |
| welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp. | |||||
| CVE-2011-0402 | 1 Debian | 1 Dpkg | 2025-04-11 | 6.8 MEDIUM | N/A |
| dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via a symlink attack on unspecified files in the .pc directory. | |||||
| CVE-2011-0461 | 1 Opensuse | 1 Opensuse | 2025-04-11 | 6.3 MEDIUM | N/A |
| /etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/mtab. | |||||
| CVE-2011-5146 | 1 Ingumadev | 1 Bokken | 2025-04-11 | 2.6 LOW | N/A |
| Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot. | |||||
| CVE-2011-0017 | 1 Exim | 1 Exim | 2025-04-11 | 6.9 MEDIUM | N/A |
| The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack. | |||||
| CVE-2010-0787 | 1 Samba | 1 Samba | 2025-04-11 | 4.4 MEDIUM | N/A |
| client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. | |||||
| CVE-2009-5007 | 1 Cisco | 1 Anyconnect Ssl Vpn | 2025-04-11 | 3.3 LOW | N/A |
| The Cisco trial client on Linux for Cisco AnyConnect SSL VPN allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files. | |||||
| CVE-2010-1160 | 1 Gnu | 1 Nano | 2025-04-11 | 1.9 LOW | N/A |
| GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim. | |||||
| CVE-2012-5564 | 1 Google | 1 Android Debug Bridge | 2025-04-11 | 3.3 LOW | N/A |
| android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users to overwrite arbitrary files via a symlink attack on /tmp/adb.log. | |||||
| CVE-2011-1384 | 1 Ibm | 2 Aix, Invscout.rte | 2025-04-11 | 4.0 MEDIUM | N/A |
| The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file. | |||||
| CVE-2013-4157 | 1 Redhat | 1 Storage Server | 2025-04-11 | 3.6 LOW | N/A |
| Red Hat Storage 2.0 allows local users to overwrite arbitrary files via a symlink attack on the (1) e, (2) local-bricks.list, (3) bricks.err, or (4) limits.conf files in /tmp. | |||||