Total
1092 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-2684 | 1 Rkkda | 1 Foo2zjs | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, 20110722dfsg-1 as packaged in Debian unstable, and 20090908dfsg-5.1+squeeze0 as packaged in Debian squeeze create temporary files insecurely, which allows local users to write over arbitrary files via a symlink attack on /tmp/foo2zjs. | |||||
CVE-2017-2916 | 1 Meetcircle | 2 Circle With Disney, Circle With Disney Firmware | 2024-02-04 | 9.0 HIGH | 8.8 HIGH |
An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause an arbitrary file to be overwritten. An attacker can send an HTTP request to trigger this vulnerability. | |||||
CVE-2017-1000420 | 1 Syncthing | 1 Syncthing | 2024-02-04 | 6.4 MEDIUM | 7.5 HIGH |
Syncthing version 0.14.33 and older is vulnerable to symlink traversal resulting in arbitrary file overwrite | |||||
CVE-2017-15357 | 1 Arqbackup | 1 Arq | 2024-02-04 | 6.9 MEDIUM | 7.4 HIGH |
The setpermissions function in the auto-updater in Arq before 5.9.7 for Mac allows local users to gain root privileges via a symlink attack on the updater binary itself. | |||||
CVE-2014-1859 | 3 Fedoraproject, Numpy, Redhat | 3 Fedora, Numpy, Enterprise Linux | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file. | |||||
CVE-2017-1301 | 1 Ibm | 1 Tivoli Storage Manager | 2024-02-04 | 3.6 LOW | 5.5 MEDIUM |
IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. IBM Spectrum Protect Backup-archive Client creates temporary files insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges. IBM X-Force ID: 125163. | |||||
CVE-2014-4978 | 2 Fedoraproject, Rawstudio | 2 Fedora, Rawstudio | 2024-02-04 | 3.6 LOW | 5.5 MEDIUM |
The rs_filter_graph function in librawstudio/rs-filter.c in rawstudio might allow local users to truncate arbitrary files via a symlink attack on (1) /tmp/rs-filter-graph.png or (2) /tmp/rs-filter-graph. | |||||
CVE-2017-12172 | 1 Postgresql | 1 Postgresql | 2024-02-04 | 7.2 HIGH | 6.7 MEDIUM |
PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own, packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root, they open(), chmod() and/or chown() this log file name. This often suffices for the database superuser to escalate to root privileges when root starts the server. | |||||
CVE-2015-5701 | 1 Tug | 1 Texlive | 2024-02-04 | 5.6 MEDIUM | 6.1 MEDIUM |
mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to write to arbitrary files via a symlink attack. NOTE: this vulnerability exists due to the reversion of a fix of CVE-2015-5700. | |||||
CVE-2017-8108 | 1 Cisofy | 1 Lynis | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file. | |||||
CVE-2017-1000115 | 3 Debian, Mercurial, Redhat | 8 Debian Linux, Mercurial, Enterprise Linux Desktop and 5 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository | |||||
CVE-2013-4364 | 1 Redhat | 1 Openshift | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp. | |||||
CVE-2014-4996 | 1 Vladtheenterprising Project | 1 Vladtheenterprising | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#{target_host}. | |||||
CVE-2017-7501 | 1 Rpm | 1 Rpm | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation. | |||||
CVE-2015-5700 | 1 Tug | 1 Texlive | 2024-02-04 | 5.6 MEDIUM | 6.1 MEDIUM |
mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write to arbitrary files via a symlink attack. | |||||
CVE-2015-7529 | 3 Canonical, Redhat, Sos Project | 8 Ubuntu Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date. | |||||
CVE-2015-5705 | 2 Devscripts Devel Team, Fedoraproject | 2 Devscripts, Fedora | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename. | |||||
CVE-2015-7724 | 1 Amd | 1 Fglrx-driver | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE: This vulnerability exists due to an incomplete fix for CVE-2015-7723. | |||||
CVE-2017-7549 | 2 Openstack, Redhat | 2 Instack-undercloud, Openstack | 2024-02-04 | 3.3 LOW | 6.4 MEDIUM |
A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Oacta, 5.3.0 as packaged in Red Hat OpenStack Newton, where pre-install and security policy scripts used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files. | |||||
CVE-2017-16611 | 3 Canonical, Debian, X | 3 Ubuntu Linux, Debian Linux, Libxfont | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files. |