Total
1447 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4993 | 2 Redhat, Xen | 2 Enterprise Linux, Xen | 2025-04-09 | N/A |
| qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/args temporary file. | ||||
| CVE-2008-4970 | 1 Lustre | 1 Lustre-tests | 2025-04-09 | N/A |
| runiozone in lustre 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/iozone.log temporary file. | ||||
| CVE-2008-0732 | 2 Apache, Suse | 2 Geronimo, Suse Linux | 2025-04-09 | N/A |
| The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories. | ||||
| CVE-2008-4957 | 1 Gccxml | 1 Gccxml | 2025-04-09 | N/A |
| find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file. | ||||
| CVE-2008-4987 | 1 Xastir | 1 Xastir | 2025-04-09 | N/A |
| xastir 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/ldconfig.tmp, (b) /tmp/ldconf.tmp, and (c) /tmp/ld.so.conf temporary files, related to the (1) get-maptools.sh and (2) get_shapelib.sh scripts. | ||||
| CVE-2008-4984 | 1 Freedesktop | 1 Scratchbox2 | 2025-04-09 | N/A |
| scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/dpkg.#####.tmp, (b) /tmp/missing_deps.#####, and (c) /tmp/sb2-pkg-chk.$tstamp.##### temporary files, related to the (1) dpkg-checkbuilddeps and (2) sb2-check-pkg-mappings scripts. | ||||
| CVE-2008-5144 | 1 Federico Di Gregorio | 1 Nvidia-cg-toolkit | 2025-04-09 | N/A |
| nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file. | ||||
| CVE-2008-4981 | 1 Remi Vanicat | 1 Realtimebattle | 2025-04-09 | N/A |
| perl.robot in realtimebattle 1.0.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl.robot.log temporary file. | ||||
| CVE-2009-4030 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2025-04-09 | N/A |
| MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079. | ||||
| CVE-2008-4980 | 1 Zak B Elep | 1 Rccp | 2025-04-09 | N/A |
| delqueueask in rccp 0.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cccp_tmp.txt temporary file. | ||||
| CVE-2007-3916 | 1 Skk Openlab | 1 Skk Tools | 2025-04-09 | N/A |
| The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitrary files via a symlink attack on a skkdic$PID temporary file. | ||||
| CVE-2008-4979 | 1 Shrubbery | 1 Rancid | 2025-04-09 | N/A |
| getipacctg in rancid 2.3.2~a8 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/ipacct.#####.prefixes, (2) /tmp/ipacct.#####.sorted, (3) /tmp/ipacct.#####.pl, and (4) /tmp/ipacct.##### temporary files. | ||||
| CVE-2008-4985 | 1 Cadsoft | 1 Vdr | 2025-04-09 | N/A |
| vdrleaktest in Video Disk Recorder (aka vdr-dbg or vdr) 1.6.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/memleaktest.log temporary file. | ||||
| CVE-2008-3261 | 1 Claroline | 1 Claroline | 2025-04-09 | N/A |
| Open redirect vulnerability in claroline/redirector.php in Claroline before 1.8.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. | ||||
| CVE-2008-4975 | 1 Debian | 1 Newsgate | 2025-04-09 | N/A |
| mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mmp##### temporary file. | ||||
| CVE-2008-4974 | 1 Netmrg | 1 Netmrg | 2025-04-09 | N/A |
| rrdedit in netmrg 0.20 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*.xml and (2) /tmp/*.backup temporary files. | ||||
| CVE-2008-4935 | 1 Amiga | 1 Aview | 2025-04-09 | N/A |
| asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview#####.pgm temporary file. | ||||
| CVE-2008-4973 | 1 Debian | 1 Myspell | 2025-04-09 | N/A |
| i2myspell in myspell 3.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/i2my#####.1 and (2) /tmp/i2my#####.2 temporary files. | ||||
| CVE-2008-4832 | 1 Rpath | 3 Appliance Platform Linux Service, Initscripts, Linux | 2025-04-09 | N/A |
| rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time. | ||||
| CVE-2008-4948 | 1 Nostatic | 1 Digitaldj | 2025-04-09 | N/A |
| fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file. | ||||