Total
1273 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-4510 | 1 Cups-pk-helper Project | 1 Cups-pk-helper | 2024-11-21 | N/A |
| cups-pk-helper before 0.2.3 does not properly wrap the (1) cupsGetFile and (2) cupsPutFile function calls, which allows user-assisted remote attackers to read or overwrite sensitive files using CUPS resources. | ||||
| CVE-2012-4455 | 1 Opencryptoki Project | 1 Opencryptoki | 2024-11-21 | N/A |
| openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) LCK..opencryptoki or (2) LCK..opencryptoki_stdll file in /var/lock/. | ||||
| CVE-2012-3440 | 2 Redhat, Todd Miller | 2 Enterprise Linux, Sudo | 2024-11-21 | N/A |
| A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file. | ||||
| CVE-2012-3345 | 1 Ioquake3 | 1 Ioquake3 Engine | 2024-11-21 | N/A |
| ioquake3 before r2253 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ioq3.pid temporary file. | ||||
| CVE-2012-3329 | 2 Ibm, Linux | 3 Advanced Settings Utility, Bootable Media Creator, Linux Kernel | 2024-11-21 | N/A |
| IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file. | ||||
| CVE-2012-2945 | 1 Apache | 1 Hadoop | 2024-11-21 | 7.5 High |
| Hadoop 1.0.3 contains a symlink vulnerability. | ||||
| CVE-2012-2103 | 1 Munin-monitoring | 1 Munin | 2024-11-21 | N/A |
| The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names. | ||||
| CVE-2012-2093 | 1 Gajim | 1 Gajim | 2024-11-21 | N/A |
| src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function. | ||||
| CVE-2012-1093 | 1 Debian | 2 Debian Linux, X11-common | 2024-11-21 | 7.8 High |
| The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation. | ||||
| CVE-2012-1088 | 1 Iproute2 Project | 1 Iproute2 | 2024-11-21 | N/A |
| iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by (1) configure or (2) examples/dhcp-client-script. | ||||
| CVE-2012-0871 | 2 Opensuse, Systemd Project | 2 Opensuse, Systemd | 2024-11-21 | N/A |
| The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/. | ||||
| CVE-2012-0808 | 1 Bdale Garbee | 1 As31 | 2024-11-21 | N/A |
| as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack. | ||||
| CVE-2012-0786 | 2 Augeas, Redhat | 3 Augeas, Enterprise Linux, Storage | 2024-11-21 | N/A |
| The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file. | ||||
| CVE-2012-0054 | 1 Golismero | 1 Golismero | 2024-11-21 | N/A |
| libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in backtrack and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files, as demonstrated using Admin/changes.dat. | ||||
| CVE-2011-5271 | 1 Clusterlabs | 1 Pacemaker | 2024-11-21 | 5.5 Medium |
| Pacemaker before 1.1.6 configure script creates temporary files insecurely | ||||
| CVE-2011-5146 | 1 Ingumadev | 1 Bokken | 2024-11-21 | N/A |
| Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot. | ||||
| CVE-2011-4617 | 1 Python | 1 Virtualenv | 2024-11-21 | N/A |
| virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/. | ||||
| CVE-2011-4363 | 2 Frii, Perl | 2 Proc\, Perl | 2024-11-21 | N/A |
| ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS. | ||||
| CVE-2011-4116 | 1 Cpan | 1 File\ | 2024-11-21 | 7.5 High |
| _is_safe in the File::Temp module for Perl does not properly handle symlinks. | ||||
| CVE-2011-4105 | 1 Robert Ancell | 1 Lightdm | 2024-11-21 | N/A |
| LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority. | ||||