Search
Search Results (7684 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-2106 | 2 Debian, Stanford | 2 Debian Linux, Webauth | 2024-11-21 | 7.5 High |
| webauth before 4.6.1 has authentication credential disclosure | ||||
| CVE-2013-1867 | 1 Apple | 2 Mac Os X, Tokend | 2024-11-21 | 6.1 Medium |
| Gemalto Tokend 2013 has an Arbitrary File Creation/Overwrite Vulnerability | ||||
| CVE-2013-1866 | 2 Apple, Opensc Project | 2 Mac Os X, Opensc | 2024-11-21 | 6.1 Medium |
| OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability | ||||
| CVE-2013-1809 | 2 Debian, Gambas Project | 2 Debian Linux, Gambas | 2024-11-21 | 7.5 High |
| Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories. | ||||
| CVE-2013-1771 | 1 Monkey-project | 1 Monkey | 2024-11-21 | 7.5 High |
| The web server Monkeyd produces a world-readable log (/var/log/monkeyd/master.log) on gentoo. | ||||
| CVE-2013-1429 | 2 Canonical, Debian | 3 Ubuntu Linux, Debian Linux, Lintian | 2024-11-21 | 6.3 Medium |
| Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks. | ||||
| CVE-2013-0159 | 1 Fedoraproject | 1 Fedora | 2024-11-21 | N/A |
| The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg. | ||||
| CVE-2012-6663 | 1 Ge | 4 D200, D200 Firmware, D20me and 1 more | 2024-11-21 | 7.5 High |
| General Electric D20ME devices are not properly configured and reveal plaintext passwords. | ||||
| CVE-2012-6114 | 1 Git-extras Project | 1 Git-extras | 2024-11-21 | 5.5 Medium |
| The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort. | ||||
| CVE-2012-5631 | 1 Freeipa | 1 Freeipa | 2024-11-21 | 8.8 High |
| ipa 3.0 does not properly check server identity before sending credential containing cookies | ||||
| CVE-2012-5527 | 1 Claws-mail | 1 Vcalendar | 2024-11-21 | 5.5 Medium |
| Claws Mail vCalendar plugin: credentials exposed on interface | ||||
| CVE-2012-3823 | 1 Arialsoftware | 1 Campaign Enterprise | 2024-11-21 | 7.5 High |
| Arial Campaign Enterprise before 11.0.551 stores passwords in clear text and these may be retrieved. | ||||
| CVE-2012-2945 | 1 Apache | 1 Hadoop | 2024-11-21 | 7.5 High |
| Hadoop 1.0.3 contains a symlink vulnerability. | ||||
| CVE-2012-1156 | 3 Fedoraproject, Moodle, Redhat | 3 Fedora, Moodle, Enterprise Linux | 2024-11-21 | 7.5 High |
| Moodle before 2.2.2 has users' private files included in course backups | ||||
| CVE-2012-1093 | 1 Debian | 2 Debian Linux, X11-common | 2024-11-21 | 7.8 High |
| The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation. | ||||
| CVE-2011-5271 | 1 Clusterlabs | 1 Pacemaker | 2024-11-21 | 5.5 Medium |
| Pacemaker before 1.1.6 configure script creates temporary files insecurely | ||||
| CVE-2011-4931 | 2 Debian, Gpw Project | 2 Debian Linux, Gpw | 2024-11-21 | 7.5 High |
| gpw generates shorter passwords than required | ||||
| CVE-2011-3632 | 3 Debian, Hardlink Project, Redhat | 3 Debian Linux, Hardlink, Enterprise Linux | 2024-11-21 | 7.1 High |
| Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks. | ||||
| CVE-2011-3618 | 2 Atop Project, Debian | 2 Atop, Debian Linux | 2024-11-21 | 7.8 High |
| atop: symlink attack possible due to insecure tempfile handling | ||||
| CVE-2011-3351 | 1 Openvas | 1 Openvas-scanner | 2024-11-21 | 7.1 High |
| openvas-scanner before 2011-09-11 creates a temporary file insecurely when generating OVAL system characteristics document with the ovaldi integrated tool enabled. A local attacker could use this flaw to conduct symlink attacks to overwrite arbitrary files on the system. | ||||