Total
1174 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2013-2029 | 1 Redhat | 1 Openstack | 2024-08-06 | N/A |
nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others for Nagios Core 3.4.4, 3.5.1, and earlier, allows local users to overwrite arbitrary files via a symlink attack on a temporary nagioscfg file with a predictable name in /tmp/. | ||||
CVE-2013-1976 | 1 Redhat | 2 Enterprise Linux, Jboss Enterprise Web Server | 2024-08-06 | N/A |
The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log. | ||||
CVE-2013-1888 | 2 Fedoraproject, Pypa | 2 Fedora, Pip | 2024-08-06 | N/A |
pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory. | ||||
CVE-2013-1867 | 1 Apple | 2 Mac Os X, Tokend | 2024-08-06 | 6.1 Medium |
Gemalto Tokend 2013 has an Arbitrary File Creation/Overwrite Vulnerability | ||||
CVE-2013-1866 | 2 Apple, Opensc Project | 2 Mac Os X, Opensc | 2024-08-06 | 6.1 Medium |
OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability | ||||
CVE-2013-1809 | 2 Debian, Gambas Project | 2 Debian Linux, Gambas | 2024-08-06 | 7.5 High |
Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories. | ||||
CVE-2013-1444 | 2 Debian, Marc Vertes | 2 Txt2man, Txt2man | 2024-08-06 | N/A |
A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222. | ||||
CVE-2013-1495 | 1 Oracle | 1 Support Tools | 2024-08-06 | N/A |
asr in Oracle Auto Service Request in Oracle Support Tools before 4.3.2 allows local users to modify arbitrary files via a symlink attack on a predictable filename in /tmp. | ||||
CVE-2013-1429 | 2 Canonical, Debian | 3 Ubuntu Linux, Debian Linux, Lintian | 2024-08-06 | 6.3 Medium |
Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks. | ||||
CVE-2023-41969 | 2024-08-06 | 7.3 High | ||
An arbitrary file deletion in ZSATrayManager where it protects the temporary encrypted ZApp issue reporting file from the unprivileged end user access and modification. Fixed version: Win ZApp 4.3.0 and later. | ||||
CVE-2013-0350 | 1 David Leonard | 1 Pkstat | 2024-08-06 | N/A |
tmp_smtp.c in pktstat 1.8.5 allows local users to overwrite arbitrary files via a symlink attack on /tmp/smtp.log. | ||||
CVE-2013-0200 | 2 Hp, Redhat | 2 Linux Imaging And Printing Project, Enterprise Linux | 2024-08-06 | N/A |
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out temporary file, a different vulnerability than CVE-2011-2722. | ||||
CVE-2013-0159 | 1 Fedoraproject | 1 Fedora | 2024-08-06 | N/A |
The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg. | ||||
CVE-2014-9512 | 3 Opensuse, Oracle, Samba | 3 Opensuse, Solaris, Rsync | 2024-08-06 | N/A |
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path. | ||||
CVE-2014-9508 | 1 Typo3 | 1 Typo3 | 2024-08-06 | N/A |
The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set and using a homepage with links that only contain anchors, allows remote attackers to change URLs to arbitrary domains for those links via unknown vectors. | ||||
CVE-2014-8585 | 1 Wpdownloadmanager | 1 Wordpress Download Manager | 2024-08-06 | N/A |
Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the fname parameter to (1) views/file_download.php or (2) file_download.php. | ||||
CVE-2014-7206 | 1 Debian | 2 Advanced Package Tool, Apt | 2024-08-06 | N/A |
The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file. | ||||
CVE-2014-6407 | 2 Docker, Redhat | 2 Docker, Rhel Extras Other | 2024-08-06 | N/A |
Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation. | ||||
CVE-2014-5459 | 3 Opensuse, Oracle, Php | 4 Evergreen, Opensuse, Solaris and 1 more | 2024-08-06 | N/A |
The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions. | ||||
CVE-2014-5509 | 1 Clipboard Project | 1 Clipboard | 2024-08-06 | N/A |
clipedit in the Clipboard module for Perl allows local users to delete arbitrary files via a symlink attack on /tmp/clipedit$$. |