Total
1263 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-0796 | 1 Opensuse | 1 Open Buildservice | 2024-11-21 | 4.6 MEDIUM | 6.3 MEDIUM |
| In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow buildservice users to break of confinement or cause denial of service attacks on the source service. | |||||
| CVE-2014-5509 | 1 Clipboard Project | 1 Clipboard | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| clipedit in the Clipboard module for Perl allows local users to delete arbitrary files via a symlink attack on /tmp/clipedit$$. | |||||
| CVE-2014-4996 | 1 Vladtheenterprising Project | 1 Vladtheenterprising | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#{target_host}. | |||||
| CVE-2014-4150 | 1 S48 | 1 Scheme48 | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| The scheme48-send-definition function in cmuscheme48.el in Scheme 48 allows local users to write to arbitrary files via a symlink attack on /tmp/s48lose.tmp. | |||||
| CVE-2014-3219 | 2 Fedoraproject, Fishshell | 2 Fedora, Fish | 2024-11-21 | 4.3 MEDIUM | 7.8 HIGH |
| fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER. | |||||
| CVE-2014-2312 | 1 Intel | 1 Thermald | 2024-11-21 | 6.6 MEDIUM | 5.5 MEDIUM |
| The main function in android_main.cpp in thermald allows local users to write to arbitrary files via a symlink attack on /tmp/thermald.pid. | |||||
| CVE-2014-1938 | 1 Rply Project | 1 Rply | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| python-rply before 0.7.4 insecurely creates temporary files. | |||||
| CVE-2014-1859 | 3 Fedoraproject, Numpy, Redhat | 3 Fedora, Numpy, Enterprise Linux | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| (1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2014-1420 | 1 Canonical | 1 Ubuntu-ui-toolkit | 2024-11-21 | 2.1 LOW | 3.8 LOW |
| On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker could use to expose potentially sensitive data. StateSaver would also open files without the O_EXCL flag. An attacker could exploit this to launch a symlink attack, though this is partially mitigated by symlink and hardlink restrictions in Ubuntu. Fixed in 1.1.1188+14.10.20140813.4-0ubuntu1. | |||||
| CVE-2014-0243 | 1 Check Mk Project | 1 Check Mk | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Check_MK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/check_mk_agent/job. | |||||
| CVE-2013-4655 | 1 Belkin | 2 N900, N900 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service. | |||||
| CVE-2013-4364 | 1 Redhat | 1 Openshift | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| (1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp. | |||||
| CVE-2013-4184 | 2 Data\, Debian | 2 \, Debian Linux | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks | |||||
| CVE-2013-1867 | 1 Apple | 2 Mac Os X, Tokend | 2024-11-21 | 6.3 MEDIUM | 6.1 MEDIUM |
| Gemalto Tokend 2013 has an Arbitrary File Creation/Overwrite Vulnerability | |||||
| CVE-2013-1866 | 2 Apple, Opensc Project | 2 Mac Os X, Opensc | 2024-11-21 | 6.3 MEDIUM | 6.1 MEDIUM |
| OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability | |||||
| CVE-2013-1809 | 2 Debian, Gambas Project | 2 Debian Linux, Gambas | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories. | |||||
| CVE-2013-1429 | 2 Canonical, Debian | 3 Ubuntu Linux, Debian Linux, Lintian | 2024-11-21 | 4.3 MEDIUM | 6.3 MEDIUM |
| Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks. | |||||
| CVE-2013-0159 | 1 Fedoraproject | 1 Fedora | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg. | |||||
| CVE-2012-6114 | 1 Git-extras Project | 1 Git-extras | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort. | |||||
| CVE-2012-2945 | 1 Apache | 1 Hadoop | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Hadoop 1.0.3 contains a symlink vulnerability. | |||||