Total
1363 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4135 | 3 Canonical, Fedoraproject, Gnu | 3 Ubuntu Linux, Fedora, Coreutils | 2025-04-09 | 4.4 MEDIUM | N/A |
| The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp. | |||||
| CVE-2008-5157 | 1 Uoregon | 1 Tau | 2025-04-09 | 6.9 MEDIUM | N/A |
| tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefile.tau.*.##### or (2) /tmp/makefile.tau*.##### temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc scripts. | |||||
| CVE-2008-3216 | 1 Debian | 1 Projectl | 2025-04-09 | 4.6 MEDIUM | N/A |
| The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2008-4996 | 1 Debian | 1 Initramfs-tools | 2025-04-09 | 6.9 MEDIUM | 5.5 MEDIUM |
| init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is [used in] a single-user context; there's no possibility that this is exploitable. | |||||
| CVE-2008-5256 | 1 Virtualox | 1 Virtualox | 2025-04-09 | 4.4 MEDIUM | N/A |
| The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.vbox-$USER-ipc/lock temporary file. | |||||
| CVE-2008-4162 | 1 Nooms | 1 Nooms | 2025-04-09 | 4.3 MEDIUM | N/A |
| Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter. | |||||
| CVE-2008-4940 | 1 Aptoncd | 1 Aptoncd | 2025-04-09 | 6.9 MEDIUM | N/A |
| xmlfile.py in aptoncd 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/aptoncd temporary file. | |||||
| CVE-2007-5377 | 1 Gnu | 1 Tramp | 2025-04-09 | 6.9 MEDIUM | N/A |
| The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functions in Tramp 2.1.10 extension for Emacs, and possibly earlier 2.1.x versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2007-5718 | 2 Debian, Vobcopy | 2 Debian Linux, Vobcopy | 2025-04-09 | 4.9 MEDIUM | N/A |
| vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file. | |||||
| CVE-2008-3930 | 1 Debian | 1 Citadel Server | 2025-04-09 | 6.9 MEDIUM | N/A |
| migrate_aliases.sh in Citadel Server 7.37 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2009-1253 | 1 James Stone | 1 Tunapie | 2025-04-09 | 4.4 MEDIUM | N/A |
| James Stone Tunapie 2.1 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file. | |||||
| CVE-2008-5149 | 1 Aucko | 1 Libncbi6 | 2025-04-09 | 6.9 MEDIUM | N/A |
| fwd_check.sh in libncbi6 6.1.20080302 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file. | |||||
| CVE-2008-5746 | 1 Sun | 2 Snmp Management Agent, Solaris | 2025-04-09 | 6.9 MEDIUM | N/A |
| Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on temporary files. | |||||
| CVE-2008-3927 | 1 Tiger | 1 Tiger | 2025-04-09 | 7.2 HIGH | N/A |
| genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2009-1962 | 2 Debian, Xfig | 2 Debian Linux, Xfig | 2025-04-09 | 4.4 MEDIUM | N/A |
| Xfig, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the (1) xfig-eps[PID], (2) xfig-pic[PID].pix, (3) xfig-pic[PID].err, (4) xfig-pcx[PID].pix, (5) xfig-xfigrc[PID], (6) xfig[PID], (7) xfig-print[PID], (8) xfig-export[PID].err, (9) xfig-batch[PID], (10) xfig-exp[PID], or (11) xfig-spell.[PID] temporary files, where [PID] is a process ID. | |||||
| CVE-2008-4953 | 1 Firehol | 1 Firehol | 2025-04-09 | 6.9 MEDIUM | N/A |
| firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks. | |||||
| CVE-2009-2939 | 3 Debian, Postfix, Ubuntu | 3 Debian Linux, Postfix, Ubuntu Linux | 2025-04-09 | 6.9 MEDIUM | N/A |
| The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files. | |||||
| CVE-2008-5034 | 1 A Mennucc1 | 1 Printfilters-ppd | 2025-04-09 | 6.9 MEDIUM | N/A |
| master-filter in printfilters-ppd 2.13 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filter.debug temporary file. NOTE: the vendor disputes this vulnerability, stating 'this package does not have " possibility of attack with the help of symlinks"' | |||||
| CVE-2008-4694 | 1 Opera | 1 Opera Browser | 2025-04-09 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a redirect that specifies a crafted URL. | |||||
| CVE-2008-4190 | 2 Openswan, Xelerance | 2 Openswan, Openswan | 2025-04-09 | 4.4 MEDIUM | N/A |
| The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream version, this tool has been disabled. | |||||