Total
1356 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2010-1693 | 1 Openfabrics | 1 Enterprise Distribution | 2025-04-11 | N/A |
openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file. | ||||
CVE-2010-2192 | 1 Vincent Fourmond | 1 Pmount | 2025-04-11 | N/A |
The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/. | ||||
CVE-2013-6891 | 2 Apple, Canonical | 2 Cups, Ubuntu Linux | 2025-04-11 | N/A |
lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf. | ||||
CVE-2009-1299 | 1 Pulseaudio | 1 Pulseaudio | 2025-04-11 | N/A |
The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd-##### temporary file. | ||||
CVE-2010-0832 | 1 Canonical | 1 Ubuntu Linux | 2025-04-11 | N/A |
pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and libpam-modules before 1.1.1-2ubuntu5 in PAM on Ubuntu 10.04 LTS allows local users to change the ownership of arbitrary files via a symlink attack on .cache in a user's home directory, related to "user file stamps" and the motd.legal-notice file. | ||||
CVE-2010-2027 | 2 Linux, Wolfram Research | 2 Linux Kernel, Mathematica | 2025-04-11 | N/A |
Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf. | ||||
CVE-2009-4664 | 2 Fwbuilder, Linux | 2 Firewall Builder, Linux Kernel | 2025-04-11 | N/A |
Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allows local users to gain privileges via a symlink attack on an unspecified temporary file that is created by the iptables script. | ||||
CVE-2010-0787 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-11 | N/A |
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. | ||||
CVE-2013-1495 | 1 Oracle | 1 Support Tools | 2025-04-11 | N/A |
asr in Oracle Auto Service Request in Oracle Support Tools before 4.3.2 allows local users to modify arbitrary files via a symlink attack on a predictable filename in /tmp. | ||||
CVE-2010-0546 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete arbitrary folders via a symlink attack in conjunction with an unmount operation on a crafted volume, related to the Cleanup At Startup folder. | ||||
CVE-2011-0007 | 1 Troglobit | 1 Pimd | 2025-04-11 | N/A |
pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary files via a symlink attack on (1) pimd.dump when a USR1 signal is sent, or (2) pimd.cache when USR2 is sent. | ||||
CVE-2011-1920 | 2 Ihji, Netbsd | 2 Pmake, Netbsd | 2025-04-11 | N/A |
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk. | ||||
CVE-2010-0439 | 1 Chip Salzenberg | 1 Deliver | 2025-04-11 | N/A |
Chip Salzenberg Deliver allows local users to cause a denial of service, obtain sensitive information, and possibly change the ownership of arbitrary files via a symlink attack on an unspecified file. | ||||
CVE-2011-4617 | 1 Python | 1 Virtualenv | 2025-04-11 | N/A |
virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/. | ||||
CVE-2010-0156 | 1 Puppet | 1 Puppet | 2025-04-11 | N/A |
Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file. | ||||
CVE-2010-0789 | 1 Fuse | 1 Fuse | 2025-04-11 | N/A |
fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint. | ||||
CVE-2009-5007 | 1 Cisco | 1 Anyconnect Ssl Vpn | 2025-04-11 | N/A |
The Cisco trial client on Linux for Cisco AnyConnect SSL VPN allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files. | ||||
CVE-2010-4173 | 1 Openfabrics | 1 Libsdp | 2025-04-11 | N/A |
The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, which allows local users to overwrite arbitrary files via a (1) symlink or (2) hard link attack on the libsdp.log.##### temporary file. | ||||
CVE-2013-2142 | 1 Libimobiledevice | 1 Libimobiledevice | 2025-04-11 | N/A |
userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in /tmp/root/.config/libimobiledevice/. | ||||
CVE-2012-3329 | 2 Ibm, Linux | 3 Advanced Settings Utility, Bootable Media Creator, Linux Kernel | 2025-04-11 | N/A |
IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file. |