Total
1266 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3883 | 1 Caudium | 1 Caudium | 2025-04-09 | 7.2 HIGH | N/A |
| configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/roken#####.pike temporary file. | |||||
| CVE-2008-4956 | 1 Firewallbuilder | 1 Fwbuilder | 2025-04-09 | 6.9 MEDIUM | N/A |
| fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ssh-agent.##### temporary file. | |||||
| CVE-2008-5152 | 1 Peter S Galbraith | 1 Mh-book | 2025-04-09 | 6.9 MEDIUM | N/A |
| inmail-show in mh-book 200605 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/inmail#####.log or (2) /tmp/inmail#####.stdin temporary file. | |||||
| CVE-2008-4936 | 1 Gert Doering | 1 Mgetty | 2025-04-09 | 6.9 MEDIUM | N/A |
| faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp.##### temporary file. | |||||
| CVE-2008-4988 | 1 Lars Bahner | 1 Xcal | 2025-04-09 | 6.9 MEDIUM | N/A |
| pscal in xcal 4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pscal##### temporary file. | |||||
| CVE-2008-5394 | 1 Debian | 1 Shadow | 2025-04-09 | 7.2 HIGH | N/A |
| /bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry. | |||||
| CVE-2008-0870 | 2 Bea Systems, Oracle | 2 Weblogic Portal, Weblogic Portal | 2025-04-09 | 7.5 HIGH | N/A |
| BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session. | |||||
| CVE-2008-4949 | 1 Manoj Srivastava | 1 Dist | 2025-04-09 | 6.9 MEDIUM | N/A |
| dist 3.5 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/cil#####, (b) /tmp/pdo#####, and (c) /tmp/pdn##### temporary files, related to the (1) patcil and (2) patdiff scripts. | |||||
| CVE-2008-0665 | 1 Website Meta Language | 1 Website Meta Language | 2025-04-09 | 3.6 LOW | N/A |
| wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file. | |||||
| CVE-2008-5137 | 1 Tkman | 1 Tkman | 2025-04-09 | 6.9 MEDIUM | N/A |
| tkman in tkman 2.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/tkman##### or (2) /tmp/ll temporary file. | |||||
| CVE-2008-4162 | 1 Nooms | 1 Nooms | 2025-04-09 | 4.3 MEDIUM | N/A |
| Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter. | |||||
| CVE-2007-6061 | 1 Audacityteam | 1 Audacity | 2025-04-09 | 5.0 MEDIUM | N/A |
| Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be leveraged to delete arbitrary files or directories via a symlink attack. | |||||
| CVE-2008-4984 | 1 Freedesktop | 1 Scratchbox2 | 2025-04-09 | 6.9 MEDIUM | N/A |
| scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/dpkg.#####.tmp, (b) /tmp/missing_deps.#####, and (c) /tmp/sb2-pkg-chk.$tstamp.##### temporary files, related to the (1) dpkg-checkbuilddeps and (2) sb2-check-pkg-mappings scripts. | |||||
| CVE-2007-6595 | 1 Clam Anti-virus | 1 Clamav | 2025-04-09 | 2.1 LOW | N/A |
| ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled. | |||||
| CVE-2008-4694 | 1 Opera | 1 Opera Browser | 2025-04-09 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a redirect that specifies a crafted URL. | |||||
| CVE-2009-1867 | 1 Adobe | 3 Air, Flash Player, Flex | 2025-04-09 | 4.3 MEDIUM | N/A |
| Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "clickjacking vulnerability." | |||||
| CVE-2008-1078 | 2 Gentoo, Rpath | 2 Linux, Rpath Linux | 2025-04-09 | 7.2 HIGH | N/A |
| expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1. | |||||
| CVE-2008-5375 | 1 Cmus | 1 Cmus | 2025-04-09 | 6.9 MEDIUM | N/A |
| cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file. | |||||
| CVE-2008-4957 | 1 Gccxml | 1 Gccxml | 2025-04-09 | 6.9 MEDIUM | N/A |
| find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file. | |||||
| CVE-2008-5742 | 1 Netcat | 1 Netcat | 2025-04-09 | 4.0 MEDIUM | N/A |
| Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the redirect parameter in a logoff action to modules/auth/index.php or (2) the url parameter to modules/linkmanager/redirect.php. NOTE: this was reported within an "HTTP Response Splitting" section in the original disclosure. | |||||