Search Results (7481 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-1384 1 Ibm 2 Aix, Invscout.rte 2025-04-11 N/A
The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file.
CVE-2010-0787 2 Redhat, Samba 2 Enterprise Linux, Samba 2025-04-11 N/A
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file.
CVE-2012-2441 1 Siemens 1 Ruggedcom Rugged Operating System 2025-04-11 N/A
RuggedCom Rugged Operating System (ROS) before 3.3 has a factory account with a password derived from the MAC Address field in a banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a (1) SSH or (2) HTTPS session, a different vulnerability than CVE-2012-1803.
CVE-2010-3879 2 Libfuse Project, Redhat 2 Libfuse, Enterprise Linux 2025-04-11 N/A
FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789.
CVE-2010-4173 1 Openfabrics 1 Libsdp 2025-04-11 N/A
The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, which allows local users to overwrite arbitrary files via a (1) symlink or (2) hard link attack on the libsdp.log.##### temporary file.
CVE-2011-3887 2 Apple, Google 3 Iphone Os, Safari, Chrome 2025-04-11 N/A
Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors.
CVE-2011-2473 1 Maynard Johnson 1 Oprofile 2025-04-11 N/A
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opd_pipe file, a different vulnerability than CVE-2011-1760.
CVE-2013-4271 2 Redhat, Restlet 6 Fuse Esb Enterprise, Fuse Management Console, Fuse Mq Enterprise and 3 more 2025-04-11 N/A
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources, which allows remote attackers to execute arbitrary Java code via a serialized object, a different vulnerability than CVE-2013-4221.
CVE-2012-4028 1 Tridium 1 Niagara Ax 2025-04-11 N/A
Tridium Niagara AX Framework does not properly store credential data, which allows context-dependent attackers to bypass intended access restrictions by using the stored information for authentication.
CVE-2012-0808 1 Bdale Garbee 1 As31 2025-04-11 N/A
as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack.
CVE-2012-3268 2 Hp, Huawei 675 0150a129, 0150a12a, 0150a12b and 672 more 2025-04-11 N/A
Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; certain HP 3Com Access Controller, Router, and Switch products; certain HP H3C Access Controller, Firewall, Router, Switch, and Switch and Route Processing Unit products; and certain Huawei Firewall/Gateway, Router, Switch, and Wireless products do not properly implement access control as defined in h3c-user.mib 2.0 and hh3c-user.mib 2.0, which allows remote authenticated users to discover credentials in UserInfoEntry values via an SNMP request with the read-only community.
CVE-2011-2894 2 Redhat, Vmware 3 Jboss Soa Platform, Spring Framework, Spring Security 2025-04-11 N/A
Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, and possibly other versions deserialize objects from untrusted sources, which allows remote attackers to bypass intended security restrictions and execute untrusted code by (1) serializing a java.lang.Proxy instance and using InvocationHandler, or (2) accessing internal AOP interfaces, as demonstrated using deserialization of a DefaultListableBeanFactory instance to execute arbitrary commands via the java.lang.Runtime class.
CVE-2013-0927 1 Google 1 Chrome Os 2025-04-11 N/A
Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation that loads the contents of the .pangorc file in the user's home directory, and the file referenced by the PANGO_RC_FILE environment variable, which allows attackers to bypass intended access restrictions via crafted configuration data.
CVE-2010-0832 1 Canonical 1 Ubuntu Linux 2025-04-11 N/A
pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and libpam-modules before 1.1.1-2ubuntu5 in PAM on Ubuntu 10.04 LTS allows local users to change the ownership of arbitrary files via a symlink attack on .cache in a user's home directory, related to "user file stamps" and the motd.legal-notice file.
CVE-2012-3025 1 Tridium 1 Niagara Ax 2025-04-11 N/A
The default configuration of Tridium Niagara AX Framework through 3.6 uses a cleartext base64 format for transmission of credentials in cookies, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2012-3440 2 Redhat, Todd Miller 2 Enterprise Linux, Sudo 2025-04-11 N/A
A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.
CVE-2010-1626 3 Mysql, Oracle, Redhat 3 Mysql, Mysql, Enterprise Linux 2025-04-11 N/A
MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
CVE-2013-1444 2 Debian, Marc Vertes 2 Txt2man, Txt2man 2025-04-11 N/A
A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.
CVE-2014-0027 1 Cmu 1 Flite 2025-04-11 N/A
The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information.
CVE-2010-1160 1 Gnu 1 Nano 2025-04-11 N/A
GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim.