Search Results (364661 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5147 1 Holloway 1 Docvert 2026-04-23 N/A
test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/outer.odt temporary file.
CVE-2008-5148 1 Geda 1 Gnetlist 2026-04-23 N/A
sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.
CVE-2008-5149 1 Aucko 1 Libncbi6 2026-04-23 N/A
fwd_check.sh in libncbi6 6.1.20080302 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.
CVE-2008-5150 1 Jose Carlos Medeiros 1 Maildirsync 2026-04-23 N/A
sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink attack on a /tmp/maildirsync-*.#####.log temporary file.
CVE-2008-5151 1 Abottoms 1 Mayavi 2026-04-23 N/A
test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/err.log temporary file.
CVE-2008-5152 1 Peter S Galbraith 1 Mh-book 2026-04-23 N/A
inmail-show in mh-book 200605 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/inmail#####.log or (2) /tmp/inmail#####.stdin temporary file.
CVE-2008-5153 1 Moodle 1 Moodle 2026-04-23 N/A
spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.
CVE-2008-5154 1 Koeniglich 1 P3nfs 2026-04-23 N/A
bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/blue.log temporary file.
CVE-2008-5155 1 Smsclient 1 Smsclient 2026-04-23 N/A
mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/header.##### or (2) /tmp/body.##### temporary file, or append data to arbitrary files via a symlink attack on the (3) /tmp/sms.log temporary file.
CVE-2008-5156 1 Dann Frazier 1 Systemimager-server 2026-04-23 N/A
si_mkbootserver in systemimager-server 3.6.3 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.inetd.conf or (2) /tmp/pxe.conf.*.tmp temporary file.
CVE-2008-5157 1 Uoregon 1 Tau 2026-04-23 N/A
tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefile.tau.*.##### or (2) /tmp/makefile.tau*.##### temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc scripts.
CVE-2008-5158 1 Clientsoftware 1 Wincome Mpd Total 2026-04-23 N/A
Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to bypass authentication and perform administrative actions via vectors involving "simply skipping the auth stage."
CVE-2008-5159 1 Clientsoftware 1 Wincome Mpd Total 2026-04-23 N/A
Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to cause a denial of service (crash) via a large string length argument, which triggers memory corruption.
CVE-2008-5160 1 Myserver 1 Myserver 2026-04-23 N/A
Unspecified vulnerability in MyServer 0.8.11 allows remote attackers to cause a denial of service (daemon crash) via multiple invalid requests with the HTTP GET, DELETE, OPTIONS, and possibly other methods, related to a "204 No Content error."
CVE-2008-5162 1 Freebsd 1 Freebsd 2026-04-23 7.0 High
The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy source for a short time period immediately after boot, which makes it easier for attackers to predict the function's return values and conduct certain attacks against the GEOM framework and various network protocols, related to the Yarrow random number generator.
CVE-2008-5163 1 Theratstudios 1 The Rat Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewarticle.php and (2) viewarticle2.php.
CVE-2008-5164 1 Theratstudios 1 The Rat Cms 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) viewarticle.php and (b) viewarticle2.php and the (2) PATH_INFO to viewarticle.php.
CVE-2008-5165 1 Eticket 1 Eticket 2026-04-23 N/A
Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote attackers to execute arbitrary SQL commands via the pri parameter to (1) index.php, (2) open.php, (3) open_raw.php, and (4) newticket.php.
CVE-2008-5166 1 Easysitenetwork 1 Riddles Website 2026-04-23 N/A
SQL injection vulnerability in riddle.php in Riddles Website 1.2.1 allows remote attackers to execute arbitrary SQL commands via the riddleid parameter.
CVE-2008-5167 1 Boonex 1 Orca 2026-04-23 N/A
PHP remote file inclusion vulnerability in layout/default/params.php in Boonex Orca 2.0 and 2.0.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gConf[dir][layouts] parameter.