Total
1447 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-2053 | 1 Emesene | 1 Emesene | 2025-04-11 | N/A |
| emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on the emsnpic temporary file. | ||||
| CVE-2010-2431 | 2 Apple, Redhat | 2 Cups, Enterprise Linux | 2025-04-11 | N/A |
| The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file. | ||||
| CVE-2010-2027 | 2 Linux, Wolfram Research | 2 Linux Kernel, Mathematica | 2025-04-11 | N/A |
| Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf. | ||||
| CVE-2010-2794 | 2 Mozilla, Redhat | 3 Firefox, Enterprise Linux, Spice-xpi | 2025-04-11 | N/A |
| The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to overwrite arbitrary files via a symlink attack on an unspecified log file. | ||||
| CVE-2011-1072 | 2 Php, Redhat | 2 Pear, Enterprise Linux | 2025-04-11 | N/A |
| The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519. | ||||
| CVE-2011-4105 | 1 Robert Ancell | 1 Lightdm | 2025-04-11 | N/A |
| LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority. | ||||
| CVE-2014-0027 | 1 Cmu | 1 Flite | 2025-04-11 | N/A |
| The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-0017 | 1 Exim | 1 Exim | 2025-04-11 | N/A |
| The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack. | ||||
| CVE-2010-1693 | 1 Openfabrics | 1 Enterprise Distribution | 2025-04-11 | N/A |
| openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file. | ||||
| CVE-2010-4173 | 1 Openfabrics | 1 Libsdp | 2025-04-11 | N/A |
| The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, which allows local users to overwrite arbitrary files via a (1) symlink or (2) hard link attack on the libsdp.log.##### temporary file. | ||||
| CVE-2014-1624 | 1 Python | 1 Pyxdg | 2025-04-11 | N/A |
| Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the get_runtime_dir function is called. | ||||
| CVE-2008-5372 | 1 Jonas Smedegaard | 1 Sdm-terminal | 2025-04-09 | N/A |
| sdm-login in sdm-terminal 0.4.0b allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sdm.autologin.once temporary file. | ||||
| CVE-2008-5140 | 1 Debian | 1 Mailscanner | 2025-04-09 | N/A |
| trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/opr.ini.##### or (2) /tmp/lpt*.zip temporary file. | ||||
| CVE-2008-4994 | 1 Ti Kan | 1 Xmcd | 2025-04-09 | N/A |
| The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.*pid temporary file. | ||||
| CVE-2008-5371 | 1 Marc Gloor | 1 Screenie | 2025-04-09 | N/A |
| screenie in screenie 1.30.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.screenie.##### temporary file. | ||||
| CVE-2008-4948 | 1 Nostatic | 1 Digitaldj | 2025-04-09 | N/A |
| fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file. | ||||
| CVE-2008-4967 | 1 Linuxtrade | 1 Linuxtrade | 2025-04-09 | N/A |
| linuxtrade 3.65 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/bwk, (b) /tmp/zzz, and (c) /tmp/ggg temporary files, related to the (1) linuxtrade.bwkvol, (2) linuxtrade.wn, and (3) moneyam.helper scripts. | ||||
| CVE-2008-5141 | 1 Dann Frazier | 1 Flamethrower | 2025-04-09 | N/A |
| flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/multicast.tar.##### temporary file. | ||||
| CVE-2008-5370 | 1 Pvpgn | 1 Pvpgn | 2025-04-09 | N/A |
| pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file. | ||||
| CVE-2008-0930 | 2 Debian, Freshmeat | 2 Debian Linux, Xwine | 2025-04-09 | N/A |
| w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information. | ||||