ReportizFlow
Filtered by vendor
Subscriptions
Total
1497 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4982 | 1 John Horne | 1 Rkhunter | 2026-04-23 | N/A |
| rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rkhunter-debug temporary file. NOTE: this is probably a different vulnerability than CVE-2005-1270. | ||||
| CVE-2008-5007 | 1 Lazarus | 1 Lazarus | 2026-04-23 | N/A |
| create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to overwrite or delete arbitrary files via a symlink attack on a (1) /tmp/lazarus.tgz temporary file or a (2) /tmp/lazarus temporary directory. | ||||
| CVE-2008-5374 | 2 Matthias Klose, Redhat | 2 Bash-doc, Enterprise Linux | 2026-04-23 | N/A |
| bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to the (1) aliasconv.sh, (2) aliasconv.bash, and (3) cshtobash scripts. | ||||
| CVE-2007-5664 | 1 Ibm | 1 Db2 Universal Database | 2026-04-23 | N/A |
| db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization. | ||||
| CVE-2008-4959 | 1 Gpsdrive | 1 Gpsdrive-scripts | 2026-04-23 | N/A |
| geo-code in gpsdrive-scripts 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/geo.google, (2) /tmp/geo.yahoo, (3) /tmp/geo.coords, and (4) /tmp/geo#####.coords temporary files. | ||||
| CVE-2008-4284 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | N/A |
| Open redirect vulnerability in the ibm_security_logout servlet in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.x versions, 6.0.x before 6.0.2.33, and 6.1.x before 6.1.0.23 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the logoutExitPage feature. | ||||
| CVE-2008-5704 | 1 Gpsdrive | 1 Gpsdrive | 2026-04-23 | N/A |
| src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might allow local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file, a different vector than CVE-2008-4959 and CVE-2008-5380. | ||||
| CVE-2008-5135 | 1 Debian | 1 Os-prober | 2026-04-23 | N/A |
| os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-root users. | ||||
| CVE-2008-4987 | 1 Xastir | 1 Xastir | 2026-04-23 | N/A |
| xastir 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/ldconfig.tmp, (b) /tmp/ldconf.tmp, and (c) /tmp/ld.so.conf temporary files, related to the (1) get-maptools.sh and (2) get_shapelib.sh scripts. | ||||
| CVE-2008-3261 | 1 Claroline | 1 Claroline | 2026-04-23 | N/A |
| Open redirect vulnerability in claroline/redirector.php in Claroline before 1.8.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. | ||||
| CVE-2008-3456 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-23 | N/A |
| phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack. | ||||
| CVE-2008-3524 | 1 Redhat | 2 Fedora, Initscripts | 2026-04-23 | N/A |
| rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /var/run. | ||||
| CVE-2008-0883 | 3 Adobe, Redhat, Suse | 5 Acrobat Reader, Rhel Extras, Open Suse and 2 more | 2026-04-23 | N/A |
| acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling. | ||||
| CVE-2008-3699 | 1 Amarok | 1 Amarok | 2026-04-23 | N/A |
| The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file. | ||||
| CVE-2008-4477 | 1 Jim Trocki | 1 Mon | 2026-04-23 | N/A |
| alert.d/test.alert in mon 0.99.2 allows local users to overwrite arbitrary files via a symlink attack on the test.alert.log temporary file. | ||||
| CVE-2008-5145 | 1 Debian | 1 Ltp | 2026-04-23 | N/A |
| ltpmenu in ltp 20060918 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/runltp.mainmenu.##### temporary file. | ||||
| CVE-2007-5805 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument. NOTE: this issue is due to an incomplete fix for CVE-2007-5804. | ||||
| CVE-2008-4966 | 1 Openswan | 1 Linux-patch-openswan | 2026-04-23 | N/A |
| linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/snap##### and (b) /tmp/nightly##### temporary files, related to the (1) maysnap and (2) maytest scripts. | ||||
| CVE-2008-5156 | 1 Dann Frazier | 1 Systemimager-server | 2026-04-23 | N/A |
| si_mkbootserver in systemimager-server 3.6.3 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.inetd.conf or (2) /tmp/pxe.conf.*.tmp temporary file. | ||||
| CVE-2007-2978 | 1 Eggblog | 1 Eggblog | 2026-04-23 | N/A |
| Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | ||||