Export limit exceeded: 355060 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1754 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3742 | 1 Apple | 2 Iphone, Safari | 2026-04-23 | N/A |
| WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle the interaction between International Domain Name (IDN) support and Unicode fonts, which allows remote attackers to create a URL containing "look-alike characters" (homographs) and possibly perform phishing attacks. | ||||
| CVE-2008-5146 | 1 Erl Wustl | 1 Ctn | 2026-04-23 | N/A |
| add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/accession temporary file. | ||||
| CVE-2007-5377 | 1 Gnu | 1 Tramp | 2026-04-23 | N/A |
| The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functions in Tramp 2.1.10 extension for Emacs, and possibly earlier 2.1.x versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2007-6061 | 1 Audacityteam | 1 Audacity | 2026-04-23 | N/A |
| Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be leveraged to delete arbitrary files or directories via a symlink attack. | ||||
| CVE-2007-6208 | 1 Claws Mail | 1 Claws Mail Tools | 2026-04-23 | N/A |
| sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files via a symlink attack on the sylprint.[USER].[PID] temporary file. | ||||
| CVE-2009-0313 | 1 Kegel | 1 Winetricks | 2026-04-23 | N/A |
| winetricks before 20081223 allows local users to overwrite arbitrary files via a symlink attack on the x_showmenu.txt temporary file. | ||||
| CVE-2008-0167 | 2 Debian, Gforge | 2 Debian Linux, Gforge | 2026-04-23 | N/A |
| The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances. | ||||
| CVE-2008-4958 | 1 Alejandro Garrido Mota | 1 Gdrae | 2026-04-23 | N/A |
| gdrae in gdrae 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gdrae/palabra temporary file. | ||||
| CVE-2008-0665 | 1 Website Meta Language | 1 Website Meta Language | 2026-04-23 | N/A |
| wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file. | ||||
| CVE-2009-1893 | 2 Isc, Redhat | 2 Dhcp, Enterprise Linux | 2026-04-23 | N/A |
| The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command. | ||||
| CVE-2008-0732 | 2 Apache, Suse | 2 Geronimo, Suse Linux | 2026-04-23 | N/A |
| The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories. | ||||
| CVE-2009-4135 | 3 Canonical, Fedoraproject, Gnu | 3 Ubuntu Linux, Fedora, Coreutils | 2026-04-23 | N/A |
| The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp. | ||||
| CVE-2008-3329 | 1 Twibright | 1 Links | 2026-04-23 | N/A |
| Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." | ||||
| CVE-2008-4957 | 1 Gccxml | 1 Gccxml | 2026-04-23 | N/A |
| find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file. | ||||
| CVE-2008-0806 | 1 Paul Pelzl | 1 Wyrd | 2026-04-23 | N/A |
| wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file. | ||||
| CVE-2008-4955 | 1 Duncan Webb | 1 Freevo | 2026-04-23 | N/A |
| freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-#####.pid, (2) /tmp/freevo-gdb, (3) /tmp/freevo-gdb.sh, and (4) /tmp/*.stats temporary files. NOTE: this issue is only a vulnerability when a verbose debug mode is activated by modifying source code. | ||||
| CVE-2009-1867 | 2 Adobe, Redhat | 4 Air, Flash Player, Flex and 1 more | 2026-04-23 | N/A |
| Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "clickjacking vulnerability." | ||||
| CVE-2008-4953 | 1 Firehol | 1 Firehol | 2026-04-23 | N/A |
| firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks. | ||||
| CVE-2008-4952 | 1 Emacs | 1 Emacs-jabber | 2026-04-23 | N/A |
| emacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.log temporary file. | ||||
| CVE-2009-0876 | 2 Linux, Sun | 2 Linux Kernel, Xvm Virtualbox | 2026-04-23 | N/A |
| Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows local users to gain privileges via a hardlink attack, which preserves setuid/setgid bits on Linux, related to DT_RPATH:$ORIGIN. | ||||