Total
1309 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1901 | 1 Debian | 1 Aptlinex | 2025-04-09 | 7.2 HIGH | N/A |
| aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the gambas-apt.lock temporary file. | |||||
| CVE-2008-5312 | 1 Mailscanner | 1 Mailscanner | 2025-04-09 | 6.9 MEDIUM | N/A |
| mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav-autoupdate.new scripts in /etc/MailScanner/autoupdate/, a different vulnerability than CVE-2008-5140. | |||||
| CVE-2008-4945 | 1 Tivano | 1 Cdrw-taper | 2025-04-09 | 6.9 MEDIUM | N/A |
| amlabel-cdrw in cdrw-taper 0.4 might allow local users to overwrite arbitrary files via a symlink attack involving a /tmp/amlabel-cdrw.##### temporary directory. | |||||
| CVE-2007-5940 | 1 Tug | 1 Texlive 2007 | 2025-04-09 | 4.6 MEDIUM | N/A |
| feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the feynmf$$.pl temporary file. | |||||
| CVE-2008-5142 | 1 Freebsd | 1 Freebsd-sendpr | 2025-04-09 | 6.9 MEDIUM | N/A |
| sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr.##### temporary file. | |||||
| CVE-2008-4908 | 2 Crossfire, Debian | 2 Crossfire, Debian Linux | 2025-04-09 | 3.3 LOW | N/A |
| maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2008-4966 | 1 Openswan | 1 Linux-patch-openswan | 2025-04-09 | 6.9 MEDIUM | N/A |
| linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/snap##### and (b) /tmp/nightly##### temporary files, related to the (1) maysnap and (2) maytest scripts. | |||||
| CVE-1999-1593 | 1 Microsoft | 3 Windows 2000, Windows 95, Windows 98 | 2025-04-09 | 7.6 HIGH | N/A |
| Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable. | |||||
| CVE-2007-5718 | 2 Debian, Vobcopy | 2 Debian Linux, Vobcopy | 2025-04-09 | 4.9 MEDIUM | N/A |
| vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file. | |||||
| CVE-2007-3916 | 1 Skk Openlab | 1 Skk Tools | 2025-04-09 | 4.4 MEDIUM | N/A |
| The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitrary files via a symlink attack on a skkdic$PID temporary file. | |||||
| CVE-2008-4104 | 1 Joomla | 1 Joomla | 2025-04-09 | 5.8 MEDIUM | N/A |
| Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL. | |||||
| CVE-2007-4652 | 1 Php | 1 Php | 2025-04-09 | 4.4 MEDIUM | N/A |
| The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink. | |||||
| CVE-2008-4947 | 1 Guus Sliepen | 1 Dhis-server | 2025-04-09 | 6.9 MEDIUM | N/A |
| dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file. | |||||
| CVE-2008-3456 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-09 | 6.4 MEDIUM | N/A |
| phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack. | |||||
| CVE-2008-5150 | 1 Jose Carlos Medeiros | 1 Maildirsync | 2025-04-09 | 6.9 MEDIUM | N/A |
| sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink attack on a /tmp/maildirsync-*.#####.log temporary file. | |||||
| CVE-2008-5368 | 1 Lukas Ruf | 1 Muttprint | 2025-04-09 | 6.9 MEDIUM | N/A |
| muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file. | |||||
| CVE-2008-4972 | 1 Steve Robbins | 1 Mgt | 2025-04-09 | 6.9 MEDIUM | N/A |
| mailgo in mgt 2.31 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mailgo##### temporary file. | |||||
| CVE-2008-5703 | 1 Gpsdrive | 1 Gpsdrive | 2025-04-09 | 6.2 MEDIUM | N/A |
| gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/.smswatch or (b) /tmp/gpsdrivepos temporary file, related to (1) examples/gpssmswatch and (2) src/splash.c, different vectors than CVE-2008-4959 and CVE-2008-5380. | |||||
| CVE-2008-4996 | 1 Debian | 1 Initramfs-tools | 2025-04-09 | 6.9 MEDIUM | 5.5 MEDIUM |
| init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is [used in] a single-user context; there's no possibility that this is exploitable. | |||||
| CVE-2007-3103 | 2 Fedoraproject, Redhat | 4 Fedora Core, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2025-04-09 | 6.2 MEDIUM | N/A |
| The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file. | |||||