Filtered by CWE-367
Filtered by vendor Subscriptions
Total 429 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-1865 1 Gnu 1 Coreutils 2024-11-21 N/A
fts.c in coreutils 8.4 allows local users to delete arbitrary files.
CVE-2015-1743 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1748.
CVE-2015-1336 3 Canonical, Debian, Man-db Project 3 Ubuntu Linux, Debian Linux, Man-db 2024-11-21 N/A
The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows local users with access to the man account to gain privileges via vectors involving insecure chown use.
CVE-2014-8750 2 Openstack, Redhat 2 Nova, Openstack 2024-11-21 N/A
Race condition in the VMware driver in OpenStack Compute (Nova) before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances.
CVE-2014-4039 3 Ppc64-diag Project, Redhat, Suse 4 Ppc64-diag, Enterprise Linux, Enterprise Linux Server and 1 more 2024-11-21 N/A
ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by reading files in this archive, as demonstrated by /var/log/messages and /etc/yaboot.conf.
CVE-2014-4038 3 Ppc64-diag Project, Redhat, Suse 4 Ppc64-diag, Enterprise Linux, Enterprise Linux Server and 1 more 2024-11-21 N/A
ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras.
CVE-2014-2893 2 Llvm, Opensuse 2 Clang, Opensuse 2024-11-21 N/A
The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.
CVE-2014-2277 1 Perltidy Project 1 Perltidy 2024-11-21 7.1 High
The make_temporary_filename function in perltidy 20120701-1 and earlier allows local users to obtain sensitive information or write to arbitrary files via a symlink attack, related to use of the tmpnam function.
CVE-2014-1859 3 Fedoraproject, Numpy, Redhat 3 Fedora, Numpy, Enterprise Linux 2024-11-21 N/A
(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.
CVE-2014-1858 1 Numpy 1 Numpy 2024-11-21 N/A
__init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file.
CVE-2014-1624 1 Python 1 Pyxdg 2024-11-21 N/A
Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the get_runtime_dir function is called.
CVE-2014-1490 8 Canonical, Debian, Fedoraproject and 5 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2024-11-21 N/A
Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.
CVE-2014-0135 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Kafo 2024-11-21 N/A
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for default_values.yaml, which allows local users to obtain passwords and other sensitive information by reading the file.
CVE-2013-6435 3 Debian, Redhat, Rpm 5 Debian Linux, Enterprise Linux, Rhel Eus and 2 more 2024-11-21 N/A
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.
CVE-2013-6418 1 Pywbem Project 1 Pywbem 2024-11-21 N/A
PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate.
CVE-2013-4392 1 Systemd Project 1 Systemd 2024-11-21 N/A
systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.
CVE-2013-4235 3 Debian, Fedoraproject, Redhat 4 Debian Linux, Shadow, Fedora and 1 more 2024-11-21 4.7 Medium
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
CVE-2013-4169 2 Gnome, Redhat 2 Gnome Display Manager, Enterprise Linux 2024-11-21 N/A
GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/.
CVE-2013-3888 1 Microsoft 3 Windows 7, Windows Server 2008, Windows Vista 2024-11-21 8.4 High
dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerability."
CVE-2013-0219 2 Fedoraproject, Redhat 2 Sssd, Enterprise Linux 2024-11-21 N/A
System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.