Total
1092 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-4214 | 2 Nagios, Redhat | 2 Nagios, Openstack | 2024-02-04 | 6.3 MEDIUM | N/A |
rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIE_CACHE_ON is set to 1, allows local users to overwrite arbitrary files via a symlink attack on /tmp/magpie_cache. | |||||
CVE-2012-0786 | 1 Augeas | 1 Augeas | 2024-02-04 | 3.3 LOW | N/A |
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file. | |||||
CVE-2013-1976 | 1 Redhat | 2 Enterprise Linux, Jboss Enterprise Web Server | 2024-02-04 | 6.9 MEDIUM | N/A |
The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log. | |||||
CVE-2011-5146 | 1 Ingumadev | 1 Bokken | 2024-02-04 | 2.6 LOW | N/A |
Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot. | |||||
CVE-2012-4455 | 1 Opencryptoki Project | 1 Opencryptoki | 2024-02-04 | 6.2 MEDIUM | N/A |
openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) LCK..opencryptoki or (2) LCK..opencryptoki_stdll file in /var/lock/. | |||||
CVE-2013-1495 | 1 Oracle | 1 Support Tools | 2024-02-04 | 6.9 MEDIUM | N/A |
asr in Oracle Auto Service Request in Oracle Support Tools before 4.3.2 allows local users to modify arbitrary files via a symlink attack on a predictable filename in /tmp. | |||||
CVE-2013-3368 | 1 Bestpractical | 1 Rt | 2024-02-04 | 3.3 LOW | N/A |
bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with predictable name. | |||||
CVE-2013-4157 | 1 Redhat | 1 Storage Server | 2024-02-04 | 3.6 LOW | N/A |
Red Hat Storage 2.0 allows local users to overwrite arbitrary files via a symlink attack on the (1) e, (2) local-bricks.list, (3) bricks.err, or (4) limits.conf files in /tmp. | |||||
CVE-2012-5355 | 1 Bryce Harrington | 1 Xdiagnose | 2024-02-04 | 3.3 LOW | N/A |
welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp. | |||||
CVE-2013-4392 | 1 Systemd Project | 1 Systemd | 2024-02-04 | 3.3 LOW | N/A |
systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files. | |||||
CVE-2012-2103 | 1 Munin-monitoring | 1 Munin | 2024-02-04 | 1.2 LOW | N/A |
The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names. | |||||
CVE-2012-2093 | 1 Gajim | 1 Gajim | 2024-02-04 | 3.3 LOW | N/A |
src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function. | |||||
CVE-2012-3329 | 2 Ibm, Linux | 3 Advanced Settings Utility, Bootable Media Creator, Linux Kernel | 2024-02-04 | 3.3 LOW | N/A |
IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file. | |||||
CVE-2013-4136 | 2 Phusion, Ruby-lang | 2 Passenger, Ruby | 2024-02-04 | 4.4 MEDIUM | N/A |
ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/. | |||||
CVE-2013-2561 | 2 Openfabrics, Redhat | 2 Ibutils, Enterprise Linux | 2024-02-04 | 6.3 MEDIUM | N/A |
OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey, (8) ibdiagnet.psl, (9) ibdiagnet.slvl, or (10) ibdiagnet.sm in /tmp/. | |||||
CVE-2012-3345 | 1 Ioquake3 | 1 Ioquake3 Engine | 2024-02-04 | 5.6 MEDIUM | N/A |
ioquake3 before r2253 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ioq3.pid temporary file. | |||||
CVE-2013-2217 | 3 Jeff Ortel, Opensuse, Redhat | 3 Suds, Opensuse, Enterprise Linux | 2024-02-04 | 1.2 LOW | N/A |
cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/. | |||||
CVE-2013-1888 | 2 Fedoraproject, Pypa | 2 Fedora, Pip | 2024-02-04 | 2.1 LOW | N/A |
pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory. | |||||
CVE-2013-4969 | 4 Canonical, Debian, Puppet and 1 more | 4 Ubuntu Linux, Debian Linux, Puppet Enterprise and 1 more | 2024-02-04 | 2.1 LOW | N/A |
Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files. | |||||
CVE-2013-1444 | 2 Debian, Marc Vertes | 2 Txt2man, Txt2man | 2024-02-04 | 3.3 LOW | N/A |
A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222. |