Total
1391 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6759 | 1 Viart | 1 Viart Shop | 2025-04-09 | 4.3 MEDIUM | N/A |
| ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via a URL in the POST_DATA parameter to manuals_search.php, which reveals the installation path in an error message. | |||||
| CVE-2008-4945 | 1 Tivano | 1 Cdrw-taper | 2025-04-09 | 6.9 MEDIUM | N/A |
| amlabel-cdrw in cdrw-taper 0.4 might allow local users to overwrite arbitrary files via a symlink attack involving a /tmp/amlabel-cdrw.##### temporary directory. | |||||
| CVE-2008-4832 | 1 Rpath | 3 Appliance Platform Linux Service, Initscripts, Linux | 2025-04-09 | 6.9 MEDIUM | N/A |
| rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time. | |||||
| CVE-2008-5145 | 1 Debian | 1 Ltp | 2025-04-09 | 6.9 MEDIUM | N/A |
| ltpmenu in ltp 20060918 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/runltp.mainmenu.##### temporary file. | |||||
| CVE-2008-5743 | 1 Pdfjam | 1 Pdfjam | 2025-04-09 | 6.9 MEDIUM | N/A |
| pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a predictable name, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2007-3919 | 2 Debian, Xensource Inc | 2 Debian Linux, Xen | 2025-04-09 | 6.0 MEDIUM | N/A |
| (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm. | |||||
| CVE-2008-4580 | 1 Gentoo | 2 Cman, Fence | 2025-04-09 | 7.2 HIGH | N/A |
| fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file. | |||||
| CVE-2008-4440 | 1 Debian | 1 Feta | 2025-04-09 | 7.2 HIGH | N/A |
| The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on the (1) /tmp/feta.install.$USER and (2) /tmp/feta.avail.$USER temporary files. | |||||
| CVE-2008-4998 | 1 Twiki | 1 Twiki | 2025-04-09 | 6.9 MEDIUM | N/A |
| postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. NOTE: the vendor disputes this vulnerability, stating "this bug is invalid. | |||||
| CVE-2008-4978 | 1 Radiance | 1 Radiance | 2025-04-09 | 6.9 MEDIUM | N/A |
| radiance 3R9+20080530 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/opt.fmt, (b) /tmp/out#####.fmt, (c) /tmp/tf#####.dat, (d) /tmp/gsf#####, (e) /tmp/sc#####.sh, (f) /tmp/il#####.pic, (g) /tmp/tl#####.pic, (h) /tmp/ds#####.pic, (i) /tmp/tfa#####, and (j) /tmp/sed##### temporary files, related to the (1) optics2rad, (2) pdelta, (3) dayfact, and (4) raddepend scripts. | |||||
| CVE-2008-5152 | 1 Peter S Galbraith | 1 Mh-book | 2025-04-09 | 6.9 MEDIUM | N/A |
| inmail-show in mh-book 200605 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/inmail#####.log or (2) /tmp/inmail#####.stdin temporary file. | |||||
| CVE-2008-5157 | 1 Uoregon | 1 Tau | 2025-04-09 | 6.9 MEDIUM | N/A |
| tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefile.tau.*.##### or (2) /tmp/makefile.tau*.##### temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc scripts. | |||||
| CVE-2008-3216 | 1 Debian | 1 Projectl | 2025-04-09 | 4.6 MEDIUM | N/A |
| The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2007-6208 | 1 Claws Mail | 1 Claws Mail Tools | 2025-04-09 | 3.6 LOW | N/A |
| sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files via a symlink attack on the sylprint.[USER].[PID] temporary file. | |||||
| CVE-2008-3928 | 1 Debian | 1 Honeyd Common | 2025-04-09 | 6.9 MEDIUM | N/A |
| test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2008-4988 | 1 Lars Bahner | 1 Xcal | 2025-04-09 | 6.9 MEDIUM | N/A |
| pscal in xcal 4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pscal##### temporary file. | |||||
| CVE-2008-4994 | 1 Ti Kan | 1 Xmcd | 2025-04-09 | 6.9 MEDIUM | N/A |
| The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.*pid temporary file. | |||||
| CVE-2008-4162 | 1 Nooms | 1 Nooms | 2025-04-09 | 4.3 MEDIUM | N/A |
| Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter. | |||||
| CVE-2007-3916 | 1 Skk Openlab | 1 Skk Tools | 2025-04-09 | 4.4 MEDIUM | N/A |
| The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitrary files via a symlink attack on a skkdic$PID temporary file. | |||||
| CVE-2008-4938 | 1 Aegis | 2 Aegis, Aegis-web | 2025-04-09 | 6.9 MEDIUM | N/A |
| aegis 4.24 and aegis-web 4.24 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####, (b) /tmp/#####.intro, (c) /tmp/aegis.#####.ae, (d) /tmp/aegis.#####, (e) /tmp/aegis.#####.1, (f) /tmp/aegis.#####.2, (g) /tmp/aegis.#####.log, and (h) /tmp/aegis.#####.out temporary files, related to the (1) bng_dvlpd.sh, (2) bng_rvwd.sh, (3) awt_dvlp.sh, (4) awt_intgrtn.sh, and (5) aegis.cgi scripts. | |||||