Total
1309 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5371 | 1 Marc Gloor | 1 Screenie | 2025-04-09 | 6.9 MEDIUM | N/A |
| screenie in screenie 1.30.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.screenie.##### temporary file. | |||||
| CVE-2008-3699 | 1 Amarok | 1 Amarok | 2025-04-09 | 3.3 LOW | N/A |
| The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file. | |||||
| CVE-2008-5704 | 1 Gpsdrive | 1 Gpsdrive | 2025-04-09 | 7.6 HIGH | N/A |
| src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might allow local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file, a different vector than CVE-2008-4959 and CVE-2008-5380. | |||||
| CVE-2008-4580 | 1 Gentoo | 2 Cman, Fence | 2025-04-09 | 7.2 HIGH | N/A |
| fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file. | |||||
| CVE-2008-4948 | 1 Nostatic | 1 Digitaldj | 2025-04-09 | 6.9 MEDIUM | N/A |
| fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file. | |||||
| CVE-2008-4938 | 1 Aegis | 2 Aegis, Aegis-web | 2025-04-09 | 6.9 MEDIUM | N/A |
| aegis 4.24 and aegis-web 4.24 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####, (b) /tmp/#####.intro, (c) /tmp/aegis.#####.ae, (d) /tmp/aegis.#####, (e) /tmp/aegis.#####.1, (f) /tmp/aegis.#####.2, (g) /tmp/aegis.#####.log, and (h) /tmp/aegis.#####.out temporary files, related to the (1) bng_dvlpd.sh, (2) bng_rvwd.sh, (3) awt_dvlp.sh, (4) awt_intgrtn.sh, and (5) aegis.cgi scripts. | |||||
| CVE-2007-3921 | 1 Gforge | 1 Gforge | 2025-04-09 | 3.3 LOW | N/A |
| gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2008-1103 | 1 Blender | 1 Blender | 2025-04-09 | 6.9 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues." | |||||
| CVE-2008-6760 | 1 Viart | 1 Viart Shop | 2025-04-09 | 4.3 MEDIUM | N/A |
| ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via an unauthenticated add and save action for a shopping cart in cart_save.php, which reveals the SQL table names in an error message, related to code that mishandles the lack of a user_id parameter. | |||||
| CVE-2009-0416 | 1 Standards Based Linux Instrumentation | 1 Sblim-sfcb | 2025-04-09 | 6.9 MEDIUM | N/A |
| The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files. | |||||
| CVE-2008-5367 | 1 Marco D\'itri | 1 Ppp-udeb | 2025-04-09 | 6.9 MEDIUM | N/A |
| ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file. | |||||
| CVE-2008-4995 | 1 Jose M.vidal | 1 Bk2site | 2025-04-09 | 6.9 MEDIUM | N/A |
| redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/redirect.log temporary file. NOTE: this vulnerability is only limited to debug mode, which is disabled by default. | |||||
| CVE-2008-4476 | 1 Sympa | 1 Sympa | 2025-04-09 | 6.9 MEDIUM | N/A |
| sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympa_aliases.$$ temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability. | |||||
| CVE-2008-4694 | 1 Opera | 1 Opera Browser | 2025-04-09 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a redirect that specifies a crafted URL. | |||||
| CVE-2022-3592 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2025-04-08 | N/A | 6.5 MEDIUM |
| A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the file system under a share via SMB1 unix extensions or NFS to create symlinks to files outside the 'smbd' configured share path and gain access to another restricted server's filesystem. | |||||
| CVE-2020-0638 | 1 Microsoft | 9 Windows 10 1709, Windows 10 1803, Windows 10 1809 and 6 more | 2025-04-08 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-1315 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1703, Windows 10 1709 and 10 more | 2025-04-08 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342. | |||||
| CVE-2019-1385 | 1 Microsoft | 6 Windows 10 1709, Windows 10 1803, Windows 10 1809 and 3 more | 2025-04-08 | 6.1 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'. | |||||
| CVE-2023-29351 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-08 | N/A | 8.1 HIGH |
| Windows Group Policy Elevation of Privilege Vulnerability | |||||
| CVE-2025-24278 | 1 Apple | 1 Macos | 2025-04-04 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access protected user data. | |||||