Total
1318 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-3742 | 1 Apple | 2 Iphone, Safari | 2025-04-09 | 4.3 MEDIUM | N/A |
| WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle the interaction between International Domain Name (IDN) support and Unicode fonts, which allows remote attackers to create a URL containing "look-alike characters" (homographs) and possibly perform phishing attacks. | |||||
| CVE-2008-5144 | 1 Federico Di Gregorio | 1 Nvidia-cg-toolkit | 2025-04-09 | 6.9 MEDIUM | N/A |
| nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file. | |||||
| CVE-2007-5839 | 1 Bitchx | 1 Bitchx | 2025-04-09 | 4.6 MEDIUM | N/A |
| The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary files via a symlink attack on temporary files when using the (1) HOSTNAME or (2) IRCHOST command. | |||||
| CVE-2007-4998 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 6.9 MEDIUM | N/A |
| cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination. | |||||
| CVE-2008-4967 | 1 Linuxtrade | 1 Linuxtrade | 2025-04-09 | 6.9 MEDIUM | N/A |
| linuxtrade 3.65 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/bwk, (b) /tmp/zzz, and (c) /tmp/ggg temporary files, related to the (1) linuxtrade.bwkvol, (2) linuxtrade.wn, and (3) moneyam.helper scripts. | |||||
| CVE-2008-5135 | 1 Debian | 1 Os-prober | 2025-04-09 | 6.2 MEDIUM | N/A |
| os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-root users. | |||||
| CVE-2008-4982 | 1 John Horne | 1 Rkhunter | 2025-04-09 | 6.9 MEDIUM | N/A |
| rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rkhunter-debug temporary file. NOTE: this is probably a different vulnerability than CVE-2005-1270. | |||||
| CVE-2008-5704 | 1 Gpsdrive | 1 Gpsdrive | 2025-04-09 | 7.6 HIGH | N/A |
| src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might allow local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file, a different vector than CVE-2008-4959 and CVE-2008-5380. | |||||
| CVE-2007-5437 | 1 Broadcom | 1 Etrust Integrated Threat Management | 2025-04-09 | 5.8 MEDIUM | N/A |
| The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689. | |||||
| CVE-2007-1027 | 1 Ibm | 1 Db2 | 2025-04-09 | 4.4 MEDIUM | N/A |
| Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file. | |||||
| CVE-2008-3227 | 1 Joomla | 1 Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability. | |||||
| CVE-2008-4971 | 1 Align.bmr.kyushu-u.ac | 1 Mafft | 2025-04-09 | 6.9 MEDIUM | N/A |
| mafft-homologs in mafft 6.240 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/_vf#?????, (2) /tmp/_if#?????, (3) /tmp/_pf#?????, (4) /tmp/_af#?????, (5) /tmp/_rid#?????, (6) /tmp/_res#?????, (7) /tmp/_q#?????, and (8) /tmp/_bf#????? temporary files. | |||||
| CVE-2008-5377 | 1 Apple | 1 Cups | 2025-04-09 | 6.9 MEDIUM | N/A |
| pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333. | |||||
| CVE-2008-4965 | 1 Savonet | 1 Liguidsoap | 2025-04-09 | 6.9 MEDIUM | N/A |
| liguidsoap.py in liguidsoap 0.3.8.1+2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/liguidsoap.liq, (2) /tmp/lig.#####.log, and (3) /tmp/emission.ogg temporary files. | |||||
| CVE-2009-0032 | 2 Apple, Mandriva | 4 Cups, Corporate Server, Linux and 1 more | 2025-04-09 | 6.9 MEDIUM | N/A |
| CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file. | |||||
| CVE-2008-5034 | 1 A Mennucc1 | 1 Printfilters-ppd | 2025-04-09 | 6.9 MEDIUM | N/A |
| master-filter in printfilters-ppd 2.13 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filter.debug temporary file. NOTE: the vendor disputes this vulnerability, stating 'this package does not have " possibility of attack with the help of symlinks"' | |||||
| CVE-2008-4947 | 1 Guus Sliepen | 1 Dhis-server | 2025-04-09 | 6.9 MEDIUM | N/A |
| dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file. | |||||
| CVE-2008-4980 | 1 Zak B Elep | 1 Rccp | 2025-04-09 | 6.9 MEDIUM | N/A |
| delqueueask in rccp 0.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cccp_tmp.txt temporary file. | |||||
| CVE-2008-4945 | 1 Tivano | 1 Cdrw-taper | 2025-04-09 | 6.9 MEDIUM | N/A |
| amlabel-cdrw in cdrw-taper 0.4 might allow local users to overwrite arbitrary files via a symlink attack involving a /tmp/amlabel-cdrw.##### temporary directory. | |||||
| CVE-2008-5143 | 1 Mohammed Sameer | 1 Multi-gnome-terminal | 2025-04-09 | 6.9 MEDIUM | N/A |
| mgt-helper in multi-gnome-terminal 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.debug or (2) /tmp/*.env temporary file. | |||||