Export limit exceeded: 10724 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (8794 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5135 | 1 Debian | 1 Os-prober | 2026-04-23 | N/A |
| os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-root users. | ||||
| CVE-2008-6760 | 1 Viart | 1 Viart Shop | 2026-04-23 | N/A |
| ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via an unauthenticated add and save action for a shopping cart in cart_save.php, which reveals the SQL table names in an error message, related to code that mishandles the lack of a user_id parameter. | ||||
| CVE-2009-4135 | 3 Canonical, Fedoraproject, Gnu | 3 Ubuntu Linux, Fedora, Coreutils | 2026-04-23 | N/A |
| The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp. | ||||
| CVE-2007-6692 | 1 Menalto | 1 Gallery | 2026-04-23 | N/A |
| Open redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) Core and (2) print modules. | ||||
| CVE-2008-6759 | 1 Viart | 1 Viart Shop | 2026-04-23 | N/A |
| ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via a URL in the POST_DATA parameter to manuals_search.php, which reveals the installation path in an error message. | ||||
| CVE-2009-3304 | 1 Gforge | 1 Gforge | 2026-04-23 | N/A |
| GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbitrary files via a symlink attack on authorized_keys files in users' home directories, related to deb-specific/ssh_dump_update.pl and cronjobs/cvs-cron/ssh_create.php. | ||||
| CVE-2008-5256 | 1 Virtualox | 1 Virtualox | 2026-04-23 | N/A |
| The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.vbox-$USER-ipc/lock temporary file. | ||||
| CVE-2008-1103 | 1 Blender | 1 Blender | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues." | ||||
| CVE-2008-4406 | 1 Debian | 1 Xsabre | 2026-04-23 | N/A |
| A certain Debian patch to the run scripts for sabre (aka xsabre) 0.2.4b allows local users to delete or overwrite arbitrary files via a symlink attack on unspecified .tmp files. | ||||
| CVE-2009-1753 | 1 Emn | 1 Coccinelle | 2026-04-23 | N/A |
| Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file." | ||||
| CVE-2008-5157 | 1 Uoregon | 1 Tau | 2026-04-23 | N/A |
| tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefile.tau.*.##### or (2) /tmp/makefile.tau*.##### temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc scripts. | ||||
| CVE-2008-5156 | 1 Dann Frazier | 1 Systemimager-server | 2026-04-23 | N/A |
| si_mkbootserver in systemimager-server 3.6.3 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.inetd.conf or (2) /tmp/pxe.conf.*.tmp temporary file. | ||||
| CVE-2008-5155 | 1 Smsclient | 1 Smsclient | 2026-04-23 | N/A |
| mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/header.##### or (2) /tmp/body.##### temporary file, or append data to arbitrary files via a symlink attack on the (3) /tmp/sms.log temporary file. | ||||
| CVE-2008-4440 | 1 Debian | 1 Feta | 2026-04-23 | N/A |
| The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on the (1) /tmp/feta.install.$USER and (2) /tmp/feta.avail.$USER temporary files. | ||||
| CVE-2008-5154 | 1 Koeniglich | 1 P3nfs | 2026-04-23 | N/A |
| bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/blue.log temporary file. | ||||
| CVE-2007-5839 | 1 Bitchx | 1 Bitchx | 2026-04-23 | N/A |
| The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary files via a symlink attack on temporary files when using the (1) HOSTNAME or (2) IRCHOST command. | ||||
| CVE-2008-4975 | 1 Debian | 1 Newsgate | 2026-04-23 | N/A |
| mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mmp##### temporary file. | ||||
| CVE-2008-5153 | 1 Moodle | 1 Moodle | 2026-04-23 | N/A |
| spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file. | ||||
| CVE-2008-1078 | 2 Gentoo, Rpath | 2 Linux, Rpath Linux | 2026-04-23 | N/A |
| expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1. | ||||
| CVE-2008-4190 | 3 Openswan, Redhat, Xelerance | 3 Openswan, Enterprise Linux, Openswan | 2026-04-23 | N/A |
| The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream version, this tool has been disabled. | ||||