ReportizFlow
Filtered by vendor
Subscriptions
Total
1498 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-1338 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2025-04-12 | N/A |
| kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log. | ||||
| CVE-2015-1331 | 1 Linuxcontainers | 1 Lxc | 2025-04-12 | N/A |
| lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*. | ||||
| CVE-2014-5459 | 3 Opensuse, Oracle, Php | 4 Evergreen, Opensuse, Solaris and 1 more | 2025-04-12 | N/A |
| The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions. | ||||
| CVE-2021-4287 | 1 Microsoft | 1 Binwalk | 2025-04-11 | 5 Medium |
| A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possible to launch the attack remotely. Upgrading to version 2.3.3 is able to address this issue. The name of the patch is fa0c0bd59b8588814756942fe4cb5452e76c1dcd. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216876. | ||||
| CVE-2012-2093 | 1 Gajim | 1 Gajim | 2025-04-11 | N/A |
| src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function. | ||||
| CVE-2014-1640 | 1 Debian | 1 Axiom | 2025-04-11 | N/A |
| axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename. | ||||
| CVE-2010-0788 | 1 Ncpfs | 1 Ncpfs | 2025-04-11 | N/A |
| ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or possibly gain privileges via symlink attacks involving the (1) ncpmount and (2) ncpumount programs. | ||||
| CVE-2009-1299 | 1 Pulseaudio | 1 Pulseaudio | 2025-04-11 | N/A |
| The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd-##### temporary file. | ||||
| CVE-2013-6402 | 1 Hp | 1 Linux Imaging And Printing Project | 2025-04-11 | N/A |
| base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file. | ||||
| CVE-2011-1004 | 2 Redhat, Ruby-lang | 2 Enterprise Linux, Ruby | 2025-04-11 | N/A |
| The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack. | ||||
| CVE-2010-2056 | 1 Gnu | 1 Gv | 2025-04-11 | N/A |
| GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2012-4455 | 1 Opencryptoki Project | 1 Opencryptoki | 2025-04-11 | N/A |
| openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) LCK..opencryptoki or (2) LCK..opencryptoki_stdll file in /var/lock/. | ||||
| CVE-2012-6348 | 1 Centrify | 2 Centrify Deployment Manager, Centrify Suite | 2025-04-11 | N/A |
| Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink attack on the centrify.cmd.0 temporary file. | ||||
| CVE-2010-2431 | 2 Apple, Redhat | 2 Cups, Enterprise Linux | 2025-04-11 | N/A |
| The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file. | ||||
| CVE-2013-3368 | 1 Bestpractical | 1 Rt | 2025-04-11 | N/A |
| bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with predictable name. | ||||
| CVE-2011-1031 | 1 Feh Project | 1 Feh | 2025-04-11 | N/A |
| The feh_unique_filename function in utils.c in feh 1.11.2 and earlier might allow local users to create arbitrary files via a symlink attack on a /tmp/feh_ temporary file, a different vulnerability than CVE-2011-0702. | ||||
| CVE-2010-0439 | 1 Chip Salzenberg | 1 Deliver | 2025-04-11 | N/A |
| Chip Salzenberg Deliver allows local users to cause a denial of service, obtain sensitive information, and possibly change the ownership of arbitrary files via a symlink attack on an unspecified file. | ||||
| CVE-2010-0118 | 1 Becauseinter | 1 Bournal | 2025-04-11 | N/A |
| Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files associated with a --hack_the_gibson update check. | ||||
| CVE-2012-3329 | 2 Ibm, Linux | 3 Advanced Settings Utility, Bootable Media Creator, Linux Kernel | 2025-04-11 | N/A |
| IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file. | ||||
| CVE-2013-2561 | 2 Openfabrics, Redhat | 2 Ibutils, Enterprise Linux | 2025-04-11 | N/A |
| OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey, (8) ibdiagnet.psl, (9) ibdiagnet.slvl, or (10) ibdiagnet.sm in /tmp/. | ||||