Export limit exceeded: 342600 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 342600 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1679 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4579 | 2 Gentoo, Redhat | 4 Cman, Fence, Enterprise Linux and 1 more | 2025-04-09 | N/A |
| The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file. | ||||
| CVE-2008-5394 | 1 Debian | 1 Shadow | 2025-04-09 | N/A |
| /bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry. | ||||
| CVE-2009-0313 | 1 Kegel | 1 Winetricks | 2025-04-09 | N/A |
| winetricks before 20081223 allows local users to overwrite arbitrary files via a symlink attack on the x_showmenu.txt temporary file. | ||||
| CVE-2009-0321 | 2 Apple, Microsoft | 2 Safari, Windows | 2025-04-09 | N/A |
| Apple Safari 3.2.1 (aka AppVer 3.525.27.1) on Windows allows remote attackers to cause a denial of service (infinite loop or access violation) via a link to an http URI in which the authority (aka hostname) portion is either a (1) . (dot) or (2) .. (dot dot) sequence. | ||||
| CVE-2009-0347 | 1 Autonomy | 1 Ultraseek | 2025-04-09 | N/A |
| Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter. | ||||
| CVE-2009-0356 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2025-04-09 | N/A |
| Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome privileges via vectors involving the URL field in a Desktop Entry section of a .desktop file, related to representation of about: URIs as jar:file:// URIs. NOTE: this issue exists because of an incomplete fix for CVE-2008-4582. | ||||
| CVE-2009-0416 | 1 Standards Based Linux Instrumentation | 1 Sblim-sfcb | 2025-04-09 | N/A |
| The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files. | ||||
| CVE-2009-0473 | 1 Rockwellautomation | 1 Controllogix 1756-enbt\/a Ethernet\/ Ip Bridge | 2025-04-09 | N/A |
| Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2009-1253 | 1 James Stone | 1 Tunapie | 2025-04-09 | N/A |
| James Stone Tunapie 2.1 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file. | ||||
| CVE-2009-1867 | 2 Adobe, Redhat | 4 Air, Flash Player, Flex and 1 more | 2025-04-09 | N/A |
| Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "clickjacking vulnerability." | ||||
| CVE-2009-1893 | 2 Isc, Redhat | 2 Dhcp, Enterprise Linux | 2025-04-09 | N/A |
| The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command. | ||||
| CVE-2009-1962 | 2 Debian, Xfig | 2 Debian Linux, Xfig | 2025-04-09 | N/A |
| Xfig, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the (1) xfig-eps[PID], (2) xfig-pic[PID].pix, (3) xfig-pic[PID].err, (4) xfig-pcx[PID].pix, (5) xfig-xfigrc[PID], (6) xfig[PID], (7) xfig-print[PID], (8) xfig-export[PID].err, (9) xfig-batch[PID], (10) xfig-exp[PID], or (11) xfig-spell.[PID] temporary files, where [PID] is a process ID. | ||||
| CVE-2009-4193 | 1 Merkaartor | 1 Merkaartor | 2025-04-09 | N/A |
| Merkaartor 0.14 allows local users to append data to arbitrary files via a symlink attack on the /tmp/merkaartor.log temporary file. | ||||
| CVE-2008-5145 | 1 Debian | 1 Ltp | 2025-04-09 | N/A |
| ltpmenu in ltp 20060918 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/runltp.mainmenu.##### temporary file. | ||||
| CVE-2008-5144 | 1 Federico Di Gregorio | 1 Nvidia-cg-toolkit | 2025-04-09 | N/A |
| nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file. | ||||
| CVE-2008-5143 | 1 Mohammed Sameer | 1 Multi-gnome-terminal | 2025-04-09 | N/A |
| mgt-helper in multi-gnome-terminal 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.debug or (2) /tmp/*.env temporary file. | ||||
| CVE-2008-4975 | 1 Debian | 1 Newsgate | 2025-04-09 | N/A |
| mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mmp##### temporary file. | ||||
| CVE-2007-2978 | 1 Eggblog | 1 Eggblog | 2025-04-09 | N/A |
| Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | ||||
| CVE-2007-3742 | 1 Apple | 2 Iphone, Safari | 2025-04-09 | N/A |
| WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle the interaction between International Domain Name (IDN) support and Unicode fonts, which allows remote attackers to create a URL containing "look-alike characters" (homographs) and possibly perform phishing attacks. | ||||
| CVE-2007-5200 | 1 Opensuse | 1 Opensuse | 2025-04-09 | N/A |
| hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file. | ||||