Total
1384 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-0054 | 1 Golismero | 1 Golismero | 2025-04-11 | N/A |
| libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in backtrack and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files, as demonstrated using Admin/changes.dat. | ||||
| CVE-2009-5044 | 2 Apple, Gnu | 2 Mac Os X, Groff | 2025-04-11 | N/A |
| contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file. | ||||
| CVE-2022-36943 | 1 Ssziparchive Project | 1 Ssziparchive | 2025-04-10 | 8.1 High |
| SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZIP containing a symlink as the first item. | ||||
| CVE-2008-5147 | 1 Holloway | 1 Docvert | 2025-04-09 | N/A |
| test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/outer.odt temporary file. | ||||
| CVE-2008-4939 | 1 Apertium | 1 Apertium | 2025-04-09 | N/A |
| apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####.lex.cc, (b) /tmp/#####.deformat.l, (c) /tmp/#####.reformat.l, (d) /tmp/#####docxorig, (e) /tmp/#####docxsalida.zip, (f) /tmp/#####xlsxembed, (g) /tmp/#####xlsxorig, and (h) /tmp/#####xslxsalida.zip temporary files, related to the (1) apertium-gen-deformat, (2) apertium-gen-reformat, and (3) apertium scripts. | ||||
| CVE-2008-5146 | 1 Erl Wustl | 1 Ctn | 2025-04-09 | N/A |
| add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/accession temporary file. | ||||
| CVE-2008-4954 | 1 Fumitoshi Ukai | 1 Fml | 2025-04-09 | N/A |
| mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/debugbuf temporary file. | ||||
| CVE-2008-4908 | 2 Crossfire, Debian | 2 Crossfire, Debian Linux | 2025-04-09 | N/A |
| maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2008-4476 | 1 Sympa | 1 Sympa | 2025-04-09 | N/A |
| sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympa_aliases.$$ temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability. | ||||
| CVE-2008-5007 | 1 Lazarus | 1 Lazarus | 2025-04-09 | N/A |
| create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to overwrite or delete arbitrary files via a symlink attack on a (1) /tmp/lazarus.tgz temporary file or a (2) /tmp/lazarus temporary directory. | ||||
| CVE-2008-0870 | 2 Bea Systems, Oracle | 2 Weblogic Portal, Weblogic Portal | 2025-04-09 | N/A |
| BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session. | ||||
| CVE-2008-4970 | 1 Lustre | 1 Lustre-tests | 2025-04-09 | N/A |
| runiozone in lustre 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/iozone.log temporary file. | ||||
| CVE-2008-4957 | 1 Gccxml | 1 Gccxml | 2025-04-09 | N/A |
| find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file. | ||||
| CVE-2008-4475 | 1 Gnu | 1 Ibackup | 2025-04-09 | N/A |
| ibackup 2.27 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2008-4955 | 1 Duncan Webb | 1 Freevo | 2025-04-09 | N/A |
| freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-#####.pid, (2) /tmp/freevo-gdb, (3) /tmp/freevo-gdb.sh, and (4) /tmp/*.stats temporary files. NOTE: this issue is only a vulnerability when a verbose debug mode is activated by modifying source code. | ||||
| CVE-2008-4977 | 1 Postfix | 1 Postfix | 2025-04-09 | N/A |
| postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it. | ||||
| CVE-2007-5718 | 2 Debian, Vobcopy | 2 Debian Linux, Vobcopy | 2025-04-09 | N/A |
| vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file. | ||||
| CVE-2008-4943 | 1 Iglues | 1 Bulmages-servers | 2025-04-09 | N/A |
| bulmages-servers 0.11.1 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/error.txt, (b) /tmp/errores.txt, and possibly other temporary files, related to the (1) creabulmafact, (2) creabulmacont, and possibly (3) actualizabulmacont, (4) installbulmages-db, and (5) actualizabulmafact scripts. | ||||
| CVE-2008-4944 | 1 Gleydson Mazioli Da Silva | 1 Cdcontrol | 2025-04-09 | N/A |
| writtercontrol in cdcontrol 1.90 allows local users to overwrite arbitrary files via a symlink attack on /tmp/v-recorder*-out temporary files. | ||||
| CVE-2008-4953 | 1 Firehol | 1 Firehol | 2025-04-09 | N/A |
| firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks. | ||||