Total
1363 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3456 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-09 | 6.4 MEDIUM | N/A |
| phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack. | |||||
| CVE-2008-4986 | 1 Georges Khaznadar | 1 Wims | 2025-04-09 | 6.9 MEDIUM | N/A |
| wims 3.62 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/env#####, (b) /tmp/sed#####, and (c) /tmp/referer-home.log temporary files, related to the (1) coqweb and (2) account.sh scripts. | |||||
| CVE-2008-4974 | 1 Netmrg | 1 Netmrg | 2025-04-09 | 6.9 MEDIUM | N/A |
| rrdedit in netmrg 0.20 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*.xml and (2) /tmp/*.backup temporary files. | |||||
| CVE-2008-4964 | 1 Krzysztof Kozlowski | 1 Konwert | 2025-04-09 | 6.9 MEDIUM | N/A |
| filters/any-UTF8 in konwert 1.8 allows local users to delete arbitrary files via a symlink attack on a /tmp/any-##### temporary file. | |||||
| CVE-2007-5805 | 1 Ibm | 1 Aix | 2025-04-09 | 6.9 MEDIUM | N/A |
| cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument. NOTE: this issue is due to an incomplete fix for CVE-2007-5804. | |||||
| CVE-2007-4224 | 1 Kde | 1 Konqueror | 2025-04-09 | 4.3 MEDIUM | N/A |
| KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. | |||||
| CVE-2008-4942 | 1 Audiolink | 1 Audiolink | 2025-04-09 | 6.9 MEDIUM | N/A |
| audiolink in audiolink 0.05 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/audiolink.db.tmp and (2) /tmp/audiolink.tb.tmp temporary files. | |||||
| CVE-2008-5367 | 1 Marco D\'itri | 1 Ppp-udeb | 2025-04-09 | 6.9 MEDIUM | N/A |
| ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file. | |||||
| CVE-2007-3103 | 2 Fedoraproject, Redhat | 4 Fedora Core, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2025-04-09 | 6.2 MEDIUM | N/A |
| The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file. | |||||
| CVE-2009-1297 | 2 Novell, Opensuse | 2 Suse Linux, Opensuse | 2025-04-09 | 4.4 MEDIUM | N/A |
| iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and SUSE Linux Enterprise (SLE) 10 SP2 and 11, and other operating systems, allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file that has a predictable name. | |||||
| CVE-2009-1753 | 1 Emn | 1 Coccinelle | 2025-04-09 | 3.3 LOW | N/A |
| Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file." | |||||
| CVE-2008-4970 | 1 Lustre | 1 Lustre-tests | 2025-04-09 | 6.9 MEDIUM | N/A |
| runiozone in lustre 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/iozone.log temporary file. | |||||
| CVE-2008-5148 | 1 Geda | 1 Gnetlist | 2025-04-09 | 6.9 MEDIUM | N/A |
| sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file. | |||||
| CVE-2009-4454 | 1 Saini | 1 Videocache | 2025-04-09 | 3.3 LOW | N/A |
| vccleaner in VideoCache 1.9.2 allows local users with Squid proxy user privileges to overwrite arbitrary files via a symlink attack on /var/log/videocache/vccleaner.log. | |||||
| CVE-2008-5368 | 1 Lukas Ruf | 1 Muttprint | 2025-04-09 | 6.9 MEDIUM | N/A |
| muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file. | |||||
| CVE-2008-4968 | 1 Bitmover | 1 Lmbench | 2025-04-09 | 6.9 MEDIUM | N/A |
| The (1) rccs and (2) STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff.##### temporary file. | |||||
| CVE-2007-3921 | 1 Gforge | 1 Gforge | 2025-04-09 | 3.3 LOW | N/A |
| gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2009-0321 | 2 Apple, Microsoft | 2 Safari, Windows | 2025-04-09 | 4.3 MEDIUM | N/A |
| Apple Safari 3.2.1 (aka AppVer 3.525.27.1) on Windows allows remote attackers to cause a denial of service (infinite loop or access violation) via a link to an http URI in which the authority (aka hostname) portion is either a (1) . (dot) or (2) .. (dot dot) sequence. | |||||
| CVE-2008-3699 | 1 Amarok | 1 Amarok | 2025-04-09 | 3.3 LOW | N/A |
| The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file. | |||||
| CVE-2009-4193 | 1 Merkaartor | 1 Merkaartor | 2025-04-09 | 3.3 LOW | N/A |
| Merkaartor 0.14 allows local users to append data to arbitrary files via a symlink attack on the /tmp/merkaartor.log temporary file. | |||||