Total
1447 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4474 | 1 Freeradius | 1 Freeradius | 2025-04-09 | N/A |
| freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct. | ||||
| CVE-2008-6760 | 1 Viart | 1 Viart Shop | 2025-04-09 | N/A |
| ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via an unauthenticated add and save action for a shopping cart in cart_save.php, which reveals the SQL table names in an error message, related to code that mishandles the lack of a user_id parameter. | ||||
| CVE-2008-4978 | 1 Radiance | 1 Radiance | 2025-04-09 | N/A |
| radiance 3R9+20080530 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/opt.fmt, (b) /tmp/out#####.fmt, (c) /tmp/tf#####.dat, (d) /tmp/gsf#####, (e) /tmp/sc#####.sh, (f) /tmp/il#####.pic, (g) /tmp/tl#####.pic, (h) /tmp/ds#####.pic, (i) /tmp/tfa#####, and (j) /tmp/sed##### temporary files, related to the (1) optics2rad, (2) pdelta, (3) dayfact, and (4) raddepend scripts. | ||||
| CVE-2008-5140 | 1 Debian | 1 Mailscanner | 2025-04-09 | N/A |
| trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/opr.ini.##### or (2) /tmp/lpt*.zip temporary file. | ||||
| CVE-2008-5156 | 1 Dann Frazier | 1 Systemimager-server | 2025-04-09 | N/A |
| si_mkbootserver in systemimager-server 3.6.3 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.inetd.conf or (2) /tmp/pxe.conf.*.tmp temporary file. | ||||
| CVE-2008-5148 | 1 Geda | 1 Gnetlist | 2025-04-09 | N/A |
| sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file. | ||||
| CVE-2008-4994 | 1 Ti Kan | 1 Xmcd | 2025-04-09 | N/A |
| The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.*pid temporary file. | ||||
| CVE-2008-4970 | 1 Lustre | 1 Lustre-tests | 2025-04-09 | N/A |
| runiozone in lustre 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/iozone.log temporary file. | ||||
| CVE-2008-5135 | 1 Debian | 1 Os-prober | 2025-04-09 | N/A |
| os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-root users. | ||||
| CVE-2008-5151 | 1 Abottoms | 1 Mayavi | 2025-04-09 | N/A |
| test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/err.log temporary file. | ||||
| CVE-2008-4969 | 1 Alastair Mckinstry | 1 Ltp-network-test | 2025-04-09 | N/A |
| ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/vsftpd.conf, (b) /tmp/udp/2/*, (c) /tmp/tcp/2/*, (d) /tmp/udp/3/*, (e) /tmp/tcp/3/*, (f) /tmp/nfs_fsstress.udp.2.log, (g) /tmp/nfs_fsstress.udp.3.log, (h) /tmp/nfs_fsstress.tcp.2.log, (i) /tmp/nfs_fsstress.tcp.3.log, and (j) /tmp/nfs_fsstress.sardata temporary files, related to the (1) ftp_setup_vsftp_conf and (2) nfs_fsstress.sh scripts. | ||||
| CVE-2008-5154 | 1 Koeniglich | 1 P3nfs | 2025-04-09 | N/A |
| bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/blue.log temporary file. | ||||
| CVE-2009-0416 | 1 Standards Based Linux Instrumentation | 1 Sblim-sfcb | 2025-04-09 | N/A |
| The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files. | ||||
| CVE-2008-2266 | 2 Nzbget, Uudeview | 2 Nzbget, Uudeview | 2025-04-09 | N/A |
| uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression. | ||||
| CVE-2008-6759 | 1 Viart | 1 Viart Shop | 2025-04-09 | N/A |
| ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via a URL in the POST_DATA parameter to manuals_search.php, which reveals the installation path in an error message. | ||||
| CVE-2009-0473 | 1 Rockwellautomation | 1 Controllogix 1756-enbt\/a Ethernet\/ Ip Bridge | 2025-04-09 | N/A |
| Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2007-2978 | 1 Eggblog | 1 Eggblog | 2025-04-09 | N/A |
| Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | ||||
| CVE-2009-4193 | 1 Merkaartor | 1 Merkaartor | 2025-04-09 | N/A |
| Merkaartor 0.14 allows local users to append data to arbitrary files via a symlink attack on the /tmp/merkaartor.log temporary file. | ||||
| CVE-2008-5143 | 1 Mohammed Sameer | 1 Multi-gnome-terminal | 2025-04-09 | N/A |
| mgt-helper in multi-gnome-terminal 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.debug or (2) /tmp/*.env temporary file. | ||||
| CVE-2008-4959 | 1 Gpsdrive | 1 Gpsdrive-scripts | 2025-04-09 | N/A |
| geo-code in gpsdrive-scripts 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/geo.google, (2) /tmp/geo.yahoo, (3) /tmp/geo.coords, and (4) /tmp/geo#####.coords temporary files. | ||||