Search Results (1821 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0689 3 Debian, Kde, Redhat 3 Debian Linux, Kde, Enterprise Linux 2026-04-16 7.1 High
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
CVE-2004-2473 1 Wmfrog 1 Wmfrog 2026-04-16 N/A
wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2005-0824 1 Mathopd 1 Mathopd 2026-04-16 5.5 Medium
The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is running with the -n option, allows local users to overwrite arbitrary files via a symlink attack on dump files that are triggered by a SIGWINCH signal.
CVE-2005-2991 1 Ncompress 1 Ncompress 2026-04-16 5.0 Medium
ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970.
CVE-2005-3011 2 Gnu, Redhat 2 Texinfo, Enterprise Linux 2026-04-16 N/A
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2001-0131 2 Apache, Debian 2 Http Server, Debian Linux 2026-04-16 2.9 Low
htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.
CVE-2001-1042 1 Transsoft 1 Broker Ftp Server 2026-04-16 7.5 High
Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.
CVE-2001-1043 1 Argosoft 1 Ftp Server 2026-04-16 7.5 High
ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.
CVE-2003-0517 1 Mgetty Project 1 Mgetty 2026-04-16 5.5 Medium
faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files.
CVE-2003-1233 1 Pedestalsoftware 1 Integrity Protection Driver 2026-04-16 9.8 Critical
Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to (1) \Device\PhysicalMemory or (2) to a drive letter using the subst command.
CVE-2005-1111 4 Canonical, Debian, Gnu and 1 more 4 Ubuntu Linux, Debian Linux, Cpio and 1 more 2026-04-16 4.7 Medium
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
CVE-2005-1879 1 Lutel 1 Lutelwall 2026-04-16 5.5 Medium
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
CVE-2005-1880 1 Everybuddy 1 Everybuddy 2026-04-16 5.5 Medium
everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
CVE-2005-1916 2 Debian, Ekg Project 2 Debian Linux, Ekg 2026-04-16 5.5 Medium
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
CVE-2005-2714 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file.
CVE-2006-1247 1 Ibm 1 Aix 2026-04-16 N/A
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-1999-1386 1 Perl 1 Perl 2026-04-16 5.5 Medium
Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.
CVE-2002-0793 1 Blackberry 1 Qnx Neutrino Real-time Operating System 2026-04-16 5.5 Medium
Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility.
CVE-2003-0844 1 Schroepl 1 Mod Gzip 2026-04-16 7.1 High
mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled.
CVE-2004-0217 2 Redhat, Symantec 2 Linux, Antivirus Scan Engine 2026-04-16 7.0 High
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.