Total
1248 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0613 | 1 Xoops | 1 Xoops | 2025-04-09 | 5.0 MEDIUM | N/A |
| Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoops_redirect parameter. | |||||
| CVE-2008-4982 | 1 John Horne | 1 Rkhunter | 2025-04-09 | 6.9 MEDIUM | N/A |
| rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rkhunter-debug temporary file. NOTE: this is probably a different vulnerability than CVE-2005-1270. | |||||
| CVE-2008-4980 | 1 Zak B Elep | 1 Rccp | 2025-04-09 | 6.9 MEDIUM | N/A |
| delqueueask in rccp 0.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cccp_tmp.txt temporary file. | |||||
| CVE-2008-4946 | 1 Convirture | 1 Convirt | 2025-04-09 | 6.9 MEDIUM | N/A |
| convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/set_output temporary file, related to the (1) _template_/provision.sh, (2) Linux_CD_Install/provision.sh, (3) Fedora_PV_Install/provision.sh, (4) CentOS_PV_Install/provision.sh, (5) common/provision.sh, (6) example/provision.sh, and (7) Windows_CD_Install/provision.sh scripts in image_store/. | |||||
| CVE-2008-5373 | 1 Bacula | 1 Bacula | 2025-04-09 | 6.9 MEDIUM | N/A |
| mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mtx.##### temporary file, probably a related issue to CVE-2005-2995. | |||||
| CVE-2008-4832 | 1 Rpath | 3 Appliance Platform Linux Service, Initscripts, Linux | 2025-04-09 | 6.9 MEDIUM | N/A |
| rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time. | |||||
| CVE-2008-4997 | 1 Pilot-qof | 1 Datafreedom-perl | 2025-04-09 | 6.9 MEDIUM | N/A |
| ** DISPUTED ** dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/zenity temporary file. NOTE: the vendor disputes this vulnerability, stating that the vector is solely "an EXAMPLE used in the manpage." | |||||
| CVE-2008-4939 | 1 Apertium | 1 Apertium | 2025-04-09 | 6.9 MEDIUM | N/A |
| apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####.lex.cc, (b) /tmp/#####.deformat.l, (c) /tmp/#####.reformat.l, (d) /tmp/#####docxorig, (e) /tmp/#####docxsalida.zip, (f) /tmp/#####xlsxembed, (g) /tmp/#####xlsxorig, and (h) /tmp/#####xslxsalida.zip temporary files, related to the (1) apertium-gen-deformat, (2) apertium-gen-reformat, and (3) apertium scripts. | |||||
| CVE-2008-4972 | 1 Steve Robbins | 1 Mgt | 2025-04-09 | 6.9 MEDIUM | N/A |
| mailgo in mgt 2.31 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mailgo##### temporary file. | |||||
| CVE-2007-5207 | 1 Debian | 1 Guilt | 2025-04-09 | 3.3 LOW | N/A |
| guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file. | |||||
| CVE-2008-5150 | 1 Jose Carlos Medeiros | 1 Maildirsync | 2025-04-09 | 6.9 MEDIUM | N/A |
| sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink attack on a /tmp/maildirsync-*.#####.log temporary file. | |||||
| CVE-2008-4971 | 1 Align.bmr.kyushu-u.ac | 1 Mafft | 2025-04-09 | 6.9 MEDIUM | N/A |
| mafft-homologs in mafft 6.240 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/_vf#?????, (2) /tmp/_if#?????, (3) /tmp/_pf#?????, (4) /tmp/_af#?????, (5) /tmp/_rid#?????, (6) /tmp/_res#?????, (7) /tmp/_q#?????, and (8) /tmp/_bf#????? temporary files. | |||||
| CVE-2022-3592 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2025-04-08 | N/A | 6.5 MEDIUM |
| A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the file system under a share via SMB1 unix extensions or NFS to create symlinks to files outside the 'smbd' configured share path and gain access to another restricted server's filesystem. | |||||
| CVE-2020-0638 | 1 Microsoft | 9 Windows 10 1709, Windows 10 1803, Windows 10 1809 and 6 more | 2025-04-08 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-1315 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1703, Windows 10 1709 and 10 more | 2025-04-08 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342. | |||||
| CVE-2019-1385 | 1 Microsoft | 6 Windows 10 1709, Windows 10 1803, Windows 10 1809 and 3 more | 2025-04-08 | 6.1 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'. | |||||
| CVE-2023-29351 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-08 | N/A | 8.1 HIGH |
| Windows Group Policy Elevation of Privilege Vulnerability | |||||
| CVE-2025-24278 | 1 Apple | 1 Macos | 2025-04-04 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access protected user data. | |||||
| CVE-2025-30457 | 1 Apple | 1 Macos | 2025-04-04 | N/A | 9.8 CRITICAL |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app may be able to create symlinks to protected regions of the disk. | |||||
| CVE-2025-24242 | 1 Apple | 1 Macos | 2025-04-04 | N/A | 4.4 MEDIUM |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app with root privileges may be able to access private information. | |||||