Filtered by CWE-59
Filtered by vendor Subscriptions
Total 1302 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-1420 1 Canonical 1 Ubuntu-ui-toolkit 2024-11-21 3.8 Low
On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker could use to expose potentially sensitive data. StateSaver would also open files without the O_EXCL flag. An attacker could exploit this to launch a symlink attack, though this is partially mitigated by symlink and hardlink restrictions in Ubuntu. Fixed in 1.1.1188+14.10.20140813.4-0ubuntu1.
CVE-2014-0243 1 Check Mk Project 1 Check Mk 2024-11-21 N/A
Check_MK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/check_mk_agent/job.
CVE-2013-4655 1 Belkin 2 N900, N900 Firmware 2024-11-21 7.5 High
Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service.
CVE-2013-4364 1 Redhat 1 Openshift 2024-11-21 N/A
(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp.
CVE-2013-4251 4 Debian, Fedoraproject, Redhat and 1 more 4 Debian Linux, Fedora, Enterprise Linux and 1 more 2024-11-21 7.8 High
The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories.
CVE-2013-4184 2 Data\, Debian 2 \, Debian Linux 2024-11-21 5.5 Medium
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
CVE-2013-1867 1 Apple 2 Mac Os X, Tokend 2024-11-21 6.1 Medium
Gemalto Tokend 2013 has an Arbitrary File Creation/Overwrite Vulnerability
CVE-2013-1866 2 Apple, Opensc Project 2 Mac Os X, Opensc 2024-11-21 6.1 Medium
OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability
CVE-2013-1809 2 Debian, Gambas Project 2 Debian Linux, Gambas 2024-11-21 7.5 High
Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories.
CVE-2013-1429 2 Canonical, Debian 3 Ubuntu Linux, Debian Linux, Lintian 2024-11-21 6.3 Medium
Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks.
CVE-2013-0159 1 Fedoraproject 1 Fedora 2024-11-21 N/A
The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg.
CVE-2012-6114 1 Git-extras Project 1 Git-extras 2024-11-21 5.5 Medium
The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort.
CVE-2012-2945 1 Apache 1 Hadoop 2024-11-21 7.5 High
Hadoop 1.0.3 contains a symlink vulnerability.
CVE-2012-1093 1 Debian 2 Debian Linux, X11-common 2024-11-21 7.8 High
The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.
CVE-2011-5271 1 Clusterlabs 1 Pacemaker 2024-11-21 5.5 Medium
Pacemaker before 1.1.6 configure script creates temporary files insecurely
CVE-2011-4116 1 Cpan 1 File\ 2024-11-21 7.5 High
_is_safe in the File::Temp module for Perl does not properly handle symlinks.
CVE-2011-3632 3 Debian, Hardlink Project, Redhat 3 Debian Linux, Hardlink, Enterprise Linux 2024-11-21 7.1 High
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.
CVE-2011-3618 2 Atop Project, Debian 2 Atop, Debian Linux 2024-11-21 7.8 High
atop: symlink attack possible due to insecure tempfile handling
CVE-2011-3351 1 Openvas 1 Openvas-scanner 2024-11-21 7.1 High
openvas-scanner before 2011-09-11 creates a temporary file insecurely when generating OVAL system characteristics document with the ovaldi integrated tool enabled. A local attacker could use this flaw to conduct symlink attacks to overwrite arbitrary files on the system.
CVE-2011-2924 3 Debian, Fedoraproject, Linuxfoundation 3 Debian Linux, Fedora, Foomatic-filters 2024-11-21 5.5 Medium
foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.