Total
925 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4990 | 1 Enomaly | 1 Elastic Computing Platform | 2018-10-11 | 6.9 MEDIUM | N/A |
| Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file. | |||||
| CVE-2008-4162 | 1 Nooms | 1 Nooms | 2018-10-11 | 4.3 MEDIUM | N/A |
| Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter. | |||||
| CVE-2008-3261 | 1 Claroline | 1 Claroline | 2018-10-11 | 4.3 MEDIUM | N/A |
| Open redirect vulnerability in claroline/redirector.php in Claroline before 1.8.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. | |||||
| CVE-2008-1241 | 1 Mozilla | 2 Firefox, Seamonkey | 2018-10-11 | 4.3 MEDIUM | N/A |
| GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab. | |||||
| CVE-2008-1199 | 1 Dovecot | 1 Dovecot | 2018-10-11 | 4.4 MEDIUM | N/A |
| Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack. | |||||
| CVE-2010-2027 | 2 Linux, Wolfram Research | 2 Linux Kernel, Mathematica | 2018-10-10 | 1.9 LOW | N/A |
| Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf. | |||||
| CVE-2010-1183 | 1 Sun | 1 Solaris | 2018-10-10 | 3.3 LOW | N/A |
| Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager. | |||||
| CVE-2010-0792 | 1 Thibault Godouet | 1 Fcron | 2018-10-10 | 1.9 LOW | N/A |
| fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file. | |||||
| CVE-2010-0788 | 1 Ncpfs | 1 Ncpfs | 2018-10-10 | 4.4 MEDIUM | N/A |
| ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or possibly gain privileges via symlink attacks involving the (1) ncpmount and (2) ncpumount programs. | |||||
| CVE-2010-0439 | 1 Chip Salzenberg | 1 Deliver | 2018-10-10 | 6.9 MEDIUM | N/A |
| Chip Salzenberg Deliver allows local users to cause a denial of service, obtain sensitive information, and possibly change the ownership of arbitrary files via a symlink attack on an unspecified file. | |||||
| CVE-2010-0118 | 1 Becauseinter | 1 Bournal | 2018-10-10 | 3.3 LOW | N/A |
| Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files associated with a --hack_the_gibson update check. | |||||
| CVE-2009-4454 | 1 Saini | 1 Videocache | 2018-10-10 | 3.3 LOW | N/A |
| vccleaner in VideoCache 1.9.2 allows local users with Squid proxy user privileges to overwrite arbitrary files via a symlink attack on /var/log/videocache/vccleaner.log. | |||||
| CVE-2015-7724 | 1 Amd | 1 Fglrx-driver | 2018-10-09 | 7.2 HIGH | 7.8 HIGH |
| AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE: This vulnerability exists due to an incomplete fix for CVE-2015-7723. | |||||
| CVE-2015-7723 | 1 Amd | 1 Fglrx-driver | 2018-10-09 | 7.2 HIGH | 7.8 HIGH |
| AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. | |||||
| CVE-2011-1073 | 2 Apple, Freebsd | 2 Mac Os X, Freebsd | 2018-10-09 | 1.9 LOW | N/A |
| crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the existence of arbitrary files via a symlink attack on a /tmp/crontab.XXXXXXXXXX temporary file and (2) perform MD5 checksum comparisons on arbitrary pairs of files via two symlink attacks on /tmp/crontab.XXXXXXXXXX temporary files. | |||||
| CVE-2008-5373 | 1 Bacula | 1 Bacula | 2018-10-09 | 6.9 MEDIUM | N/A |
| mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mtx.##### temporary file, probably a related issue to CVE-2005-2995. | |||||
| CVE-2008-1694 | 1 Gnu | 2 Emacs, Sccs | 2018-10-03 | 4.6 MEDIUM | N/A |
| vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2014-4150 | 1 S48 | 1 Scheme48 | 2018-09-18 | 3.6 LOW | 5.5 MEDIUM |
| The scheme48-send-definition function in cmuscheme48.el in Scheme 48 allows local users to write to arbitrary files via a symlink attack on /tmp/s48lose.tmp. | |||||
| CVE-2014-0243 | 1 Check Mk Project | 1 Check Mk | 2018-09-17 | 2.1 LOW | 5.5 MEDIUM |
| Check_MK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/check_mk_agent/job. | |||||
| CVE-2018-13054 | 2 Debian, Linuxmint | 2 Debian Linux, Cinnamon | 2018-09-04 | 5.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of (for example) other users' icon files in _on_face_browse_menuitem_activated and _on_face_menuitem_activated. These icon files are written to the respective user's $HOME/.face location. If an unprivileged user prepares a symlink pointing to an arbitrary location, then this location will be overwritten with the icon content. | |||||