Total
1472 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-0541 | 2 Fuse, Redhat | 2 Fuse, Enterprise Linux | 2025-04-11 | N/A |
| fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack. | ||||
| CVE-2011-0461 | 1 Opensuse | 1 Opensuse | 2025-04-11 | N/A |
| /etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/mtab. | ||||
| CVE-2010-0788 | 1 Ncpfs | 1 Ncpfs | 2025-04-11 | N/A |
| ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or possibly gain privileges via symlink attacks involving the (1) ncpmount and (2) ncpumount programs. | ||||
| CVE-2011-0012 | 2 Mozilla, Redhat | 3 Firefox, Enterprise Linux, Spice-xpi | 2025-04-11 | N/A |
| The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name. | ||||
| CVE-2011-0402 | 1 Debian | 1 Dpkg | 2025-04-11 | N/A |
| dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via a symlink attack on unspecified files in the .pc directory. | ||||
| CVE-2013-2142 | 1 Libimobiledevice | 1 Libimobiledevice | 2025-04-11 | N/A |
| userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in /tmp/root/.config/libimobiledevice/. | ||||
| CVE-2013-4136 | 3 Phusion, Redhat, Ruby-lang | 3 Passenger, Openshift, Ruby | 2025-04-11 | N/A |
| ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/. | ||||
| CVE-2010-4338 | 2 Debian, Jwilk | 2 Linux, Ocrodjvu | 2025-04-11 | N/A |
| ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify arbitrary files via a symlink attack on temporary files that are generated when Cuneiform is invoked as the OCR engine. | ||||
| CVE-2010-4337 | 1 Gnu | 1 Gnash | 2025-04-11 | N/A |
| The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/gnash-configure-recommended.$$ files. | ||||
| CVE-2010-3691 | 1 Apereo | 1 Phpcas | 2025-04-11 | N/A |
| PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file. | ||||
| CVE-2010-2431 | 2 Apple, Redhat | 2 Cups, Enterprise Linux | 2025-04-11 | N/A |
| The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file. | ||||
| CVE-2010-2056 | 1 Gnu | 1 Gv | 2025-04-11 | N/A |
| GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2010-2053 | 1 Emesene | 1 Emesene | 2025-04-11 | N/A |
| emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on the emsnpic temporary file. | ||||
| CVE-2011-1004 | 2 Redhat, Ruby-lang | 2 Enterprise Linux, Ruby | 2025-04-11 | N/A |
| The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack. | ||||
| CVE-2010-2027 | 2 Linux, Wolfram Research | 2 Linux Kernel, Mathematica | 2025-04-11 | N/A |
| Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf. | ||||
| CVE-2011-0441 | 1 Php | 1 Php | 2025-04-11 | N/A |
| The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. | ||||
| CVE-2013-0927 | 1 Google | 1 Chrome Os | 2025-04-11 | N/A |
| Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation that loads the contents of the .pangorc file in the user's home directory, and the file referenced by the PANGO_RC_FILE environment variable, which allows attackers to bypass intended access restrictions via crafted configuration data. | ||||
| CVE-2010-0546 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete arbitrary folders via a symlink attack in conjunction with an unmount operation on a crafted volume, related to the Cleanup At Startup folder. | ||||
| CVE-2010-0439 | 1 Chip Salzenberg | 1 Deliver | 2025-04-11 | N/A |
| Chip Salzenberg Deliver allows local users to cause a denial of service, obtain sensitive information, and possibly change the ownership of arbitrary files via a symlink attack on an unspecified file. | ||||
| CVE-2011-0727 | 2 Gnome, Redhat | 2 Gdm, Enterprise Linux | 2025-04-11 | N/A |
| GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/. | ||||