Total
1296 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-0788 | 1 Ncpfs | 1 Ncpfs | 2025-04-11 | N/A |
| ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or possibly gain privileges via symlink attacks involving the (1) ncpmount and (2) ncpumount programs. | ||||
| CVE-2009-5081 | 1 Gnu | 1 Groff | 2025-04-11 | N/A |
| The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl scripts in GNU troff (aka groff) 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2004-0969. | ||||
| CVE-2014-1876 | 2 Oracle, Redhat | 5 Openjdk, Enterprise Linux, Network Satellite and 2 more | 2025-04-11 | N/A |
| The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite arbitrary files via a symlink attack on /tmp/unpack.log. | ||||
| CVE-2014-1638 | 1 Debian | 1 Localepurge | 2025-04-11 | N/A |
| (1) debian/postrm and (2) debian/localepurge.config in localepurge before 0.7.3.2 use tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename. | ||||
| CVE-2009-5080 | 1 Gnu | 1 Groff | 2025-04-11 | N/A |
| The (1) contrib/eqn2graph/eqn2graph.sh, (2) contrib/grap2graph/grap2graph.sh, and (3) contrib/pic2graph/pic2graph.sh scripts in GNU troff (aka groff) 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files via a symlink attack on a file in a temporary directory, a different vulnerability than CVE-2004-1296. | ||||
| CVE-2009-5082 | 2 Gnu, Openwall | 2 Groff, Owl | 2025-04-11 | N/A |
| The (1) configure and (2) config.guess scripts in GNU troff (aka groff) 1.20.1 on Openwall GNU/*/Linux (aka Owl) improperly create temporary files upon a failure of the mktemp function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2009-5044 | 2 Apple, Gnu | 2 Mac Os X, Groff | 2025-04-11 | N/A |
| contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file. | ||||
| CVE-2009-5007 | 1 Cisco | 1 Anyconnect Ssl Vpn | 2025-04-11 | N/A |
| The Cisco trial client on Linux for Cisco AnyConnect SSL VPN allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files. | ||||
| CVE-2010-0792 | 1 Thibault Godouet | 1 Fcron | 2025-04-11 | N/A |
| fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file. | ||||
| CVE-2010-0118 | 1 Becauseinter | 1 Bournal | 2025-04-11 | N/A |
| Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files associated with a --hack_the_gibson update check. | ||||
| CVE-2013-4969 | 4 Canonical, Debian, Puppet and 1 more | 4 Ubuntu Linux, Debian Linux, Puppet Enterprise and 1 more | 2025-04-11 | N/A |
| Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files. | ||||
| CVE-2009-5079 | 1 Gnu | 1 Groff | 2025-04-11 | N/A |
| The (1) gendef.sh, (2) doc/fixinfo.sh, and (3) contrib/gdiffmk/tests/runtests.in scripts in GNU troff (aka groff) 1.21 and earlier allow local users to overwrite arbitrary files via a symlink attack on a gro#####.tmp or /tmp/##### temporary file. | ||||
| CVE-2013-4169 | 2 Gnome, Redhat | 2 Gnome Display Manager, Enterprise Linux | 2025-04-11 | N/A |
| GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/. | ||||
| CVE-2013-4157 | 1 Redhat | 2 Storage, Storage Server | 2025-04-11 | N/A |
| Red Hat Storage 2.0 allows local users to overwrite arbitrary files via a symlink attack on the (1) e, (2) local-bricks.list, (3) bricks.err, or (4) limits.conf files in /tmp. | ||||
| CVE-2014-1640 | 1 Debian | 1 Axiom | 2025-04-11 | N/A |
| axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename. | ||||
| CVE-2013-6891 | 2 Apple, Canonical | 2 Cups, Ubuntu Linux | 2025-04-11 | N/A |
| lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf. | ||||
| CVE-2014-0027 | 1 Cmu | 1 Flite | 2025-04-11 | N/A |
| The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2013-6402 | 1 Hp | 1 Linux Imaging And Printing Project | 2025-04-11 | N/A |
| base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file. | ||||
| CVE-2013-4214 | 2 Nagios, Redhat | 2 Nagios, Openstack | 2025-04-11 | N/A |
| rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIE_CACHE_ON is set to 1, allows local users to overwrite arbitrary files via a symlink attack on /tmp/magpie_cache. | ||||
| CVE-2013-4392 | 1 Systemd Project | 1 Systemd | 2025-04-11 | N/A |
| systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files. | ||||