Total
1273 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4817 | 2 Debian, Pithos Project | 2 Debian Linux, Pithos | 2024-11-21 | 5.5 Medium |
| pithos before 0.3.5 allows overwrite of arbitrary files via symlinks. | ||||
| CVE-2010-4338 | 2 Debian, Jwilk | 2 Linux, Ocrodjvu | 2024-11-21 | N/A |
| ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify arbitrary files via a symlink attack on temporary files that are generated when Cuneiform is invoked as the OCR engine. | ||||
| CVE-2010-4337 | 1 Gnu | 1 Gnash | 2024-11-21 | N/A |
| The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/gnash-configure-recommended.$$ files. | ||||
| CVE-2010-4226 | 2 Gnu, Opensuse | 2 Cpio, Opensuse | 2024-11-21 | N/A |
| cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive. | ||||
| CVE-2010-4173 | 1 Openfabrics | 1 Libsdp | 2024-11-21 | N/A |
| The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, which allows local users to overwrite arbitrary files via a (1) symlink or (2) hard link attack on the libsdp.log.##### temporary file. | ||||
| CVE-2010-3879 | 2 Libfuse Project, Redhat | 2 Libfuse, Enterprise Linux | 2024-11-21 | N/A |
| FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789. | ||||
| CVE-2010-3847 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2024-11-21 | N/A |
| elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory. | ||||
| CVE-2010-3691 | 1 Apereo | 1 Phpcas | 2024-11-21 | N/A |
| PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file. | ||||
| CVE-2010-3095 | 1 Mailscanner | 1 Mailscanner | 2024-11-21 | 4.7 Medium |
| mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files. NOTE: this issue exists because of an incomplete fix for CVE-2008-5313. | ||||
| CVE-2010-2794 | 2 Mozilla, Redhat | 3 Firefox, Enterprise Linux, Spice-xpi | 2024-11-21 | N/A |
| The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to overwrite arbitrary files via a symlink attack on an unspecified log file. | ||||
| CVE-2010-2431 | 2 Apple, Redhat | 2 Cups, Enterprise Linux | 2024-11-21 | N/A |
| The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file. | ||||
| CVE-2010-2192 | 1 Vincent Fourmond | 1 Pmount | 2024-11-21 | N/A |
| The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/. | ||||
| CVE-2010-2064 | 1 Rpcbind Project | 1 Rpcbind | 2024-11-21 | 7.1 High |
| rpcbind 0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr. | ||||
| CVE-2010-2056 | 1 Gnu | 1 Gv | 2024-11-21 | N/A |
| GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2010-2053 | 1 Emesene | 1 Emesene | 2024-11-21 | N/A |
| emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on the emsnpic temporary file. | ||||
| CVE-2010-2027 | 2 Linux, Wolfram Research | 2 Linux Kernel, Mathematica | 2024-11-21 | N/A |
| Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf. | ||||
| CVE-2010-1693 | 1 Openfabrics | 1 Enterprise Distribution | 2024-11-21 | N/A |
| openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file. | ||||
| CVE-2010-1626 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-11-21 | N/A |
| MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247. | ||||
| CVE-2010-1183 | 1 Sun | 1 Solaris | 2024-11-21 | N/A |
| Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager. | ||||
| CVE-2010-1160 | 1 Gnu | 1 Nano | 2024-11-21 | N/A |
| GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim. | ||||