Total
1363 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5155 | 1 Smsclient | 1 Smsclient | 2025-04-09 | 9.3 HIGH | N/A |
| mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/header.##### or (2) /tmp/body.##### temporary file, or append data to arbitrary files via a symlink attack on the (3) /tmp/sms.log temporary file. | |||||
| CVE-2008-3261 | 1 Claroline | 1 Claroline | 2025-04-09 | 4.3 MEDIUM | N/A |
| Open redirect vulnerability in claroline/redirector.php in Claroline before 1.8.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. | |||||
| CVE-2008-4553 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-09 | 7.2 HIGH | N/A |
| qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories. | |||||
| CVE-2008-4993 | 1 Xen | 1 Xen | 2025-04-09 | 6.9 MEDIUM | N/A |
| qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/args temporary file. | |||||
| CVE-2008-5372 | 1 Jonas Smedegaard | 1 Sdm-terminal | 2025-04-09 | 6.9 MEDIUM | N/A |
| sdm-login in sdm-terminal 0.4.0b allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sdm.autologin.once temporary file. | |||||
| CVE-2007-5437 | 1 Broadcom | 1 Etrust Integrated Threat Management | 2025-04-09 | 5.8 MEDIUM | N/A |
| The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689. | |||||
| CVE-2008-5146 | 1 Erl Wustl | 1 Ctn | 2025-04-09 | 6.9 MEDIUM | N/A |
| add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/accession temporary file. | |||||
| CVE-2006-5851 | 1 Openbase International Ltd | 1 Openbase | 2025-04-09 | 2.1 LOW | N/A |
| openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328. | |||||
| CVE-2008-3928 | 1 Debian | 1 Honeyd Common | 2025-04-09 | 6.9 MEDIUM | N/A |
| test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2009-0876 | 2 Linux, Sun | 2 Linux Kernel, Xvm Virtualbox | 2025-04-09 | 6.9 MEDIUM | N/A |
| Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows local users to gain privileges via a hardlink attack, which preserves setuid/setgid bits on Linux, related to DT_RPATH:$ORIGIN. | |||||
| CVE-2009-0347 | 1 Autonomy | 1 Ultraseek | 2025-04-09 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter. | |||||
| CVE-2007-3919 | 2 Debian, Xensource Inc | 2 Debian Linux, Xen | 2025-04-09 | 6.0 MEDIUM | N/A |
| (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm. | |||||
| CVE-2008-5150 | 1 Jose Carlos Medeiros | 1 Maildirsync | 2025-04-09 | 6.9 MEDIUM | N/A |
| sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink attack on a /tmp/maildirsync-*.#####.log temporary file. | |||||
| CVE-2008-5153 | 1 Moodle | 1 Moodle | 2025-04-09 | 6.9 MEDIUM | N/A |
| spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file. | |||||
| CVE-2008-0613 | 1 Xoops | 1 Xoops | 2025-04-09 | 5.0 MEDIUM | N/A |
| Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoops_redirect parameter. | |||||
| CVE-2008-5299 | 1 Karakas-online | 1 Chm2pdf | 2025-04-09 | 6.9 MEDIUM | N/A |
| chm2pdf 0.9 allows user-assisted local users to delete arbitrary files via a symlink attack on .chm files in the (1) /tmp/chm2pdf/work or (2) /tmp/chm2pdf/orig temporary directories. | |||||
| CVE-2008-4998 | 1 Twiki | 1 Twiki | 2025-04-09 | 6.9 MEDIUM | N/A |
| postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. NOTE: the vendor disputes this vulnerability, stating "this bug is invalid. | |||||
| CVE-2008-0930 | 2 Debian, Freshmeat | 2 Debian Linux, Xwine | 2025-04-09 | 7.2 HIGH | N/A |
| w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0416 | 1 Standards Based Linux Instrumentation | 1 Sblim-sfcb | 2025-04-09 | 6.9 MEDIUM | N/A |
| The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files. | |||||
| CVE-2008-4832 | 1 Rpath | 3 Appliance Platform Linux Service, Initscripts, Linux | 2025-04-09 | 6.9 MEDIUM | N/A |
| rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time. | |||||