Total
1181 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4392 | 1 Systemd Project | 1 Systemd | 2024-11-21 | 3.3 LOW | N/A |
| systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files. | |||||
| CVE-2013-4364 | 1 Redhat | 1 Openshift | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| (1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp. | |||||
| CVE-2013-4262 | 1 Apache | 1 Subversion | 2024-11-21 | 2.4 LOW | N/A |
| svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py issue is covered by CVE-2013-7393. | |||||
| CVE-2013-4215 | 1 Nagios | 1 Plugins | 2024-11-21 | 4.4 MEDIUM | N/A |
| The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins 1.4.16 allows local users to gain privileges via a symlink attack on /tmp/ipxping/ipxping. | |||||
| CVE-2013-4214 | 2 Nagios, Redhat | 2 Nagios, Openstack | 2024-11-21 | 6.3 MEDIUM | N/A |
| rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIE_CACHE_ON is set to 1, allows local users to overwrite arbitrary files via a symlink attack on /tmp/magpie_cache. | |||||
| CVE-2013-4184 | 2 Data\, Debian | 2 \, Debian Linux | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks | |||||
| CVE-2013-4169 | 1 Gnome | 1 Gnome Display Manager | 2024-11-21 | 6.9 MEDIUM | N/A |
| GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/. | |||||
| CVE-2013-4157 | 1 Redhat | 1 Storage Server | 2024-11-21 | 3.6 LOW | N/A |
| Red Hat Storage 2.0 allows local users to overwrite arbitrary files via a symlink attack on the (1) e, (2) local-bricks.list, (3) bricks.err, or (4) limits.conf files in /tmp. | |||||
| CVE-2013-4136 | 2 Phusion, Ruby-lang | 2 Passenger, Ruby | 2024-11-21 | 4.4 MEDIUM | N/A |
| ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/. | |||||
| CVE-2013-4116 | 1 Node Packaged Modules Project | 1 Node Packaged Modules | 2024-11-21 | 3.3 LOW | N/A |
| lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives. | |||||
| CVE-2013-3368 | 1 Bestpractical | 1 Rt | 2024-11-21 | 3.3 LOW | N/A |
| bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with predictable name. | |||||
| CVE-2013-2561 | 2 Openfabrics, Redhat | 2 Ibutils, Enterprise Linux | 2024-11-21 | 6.3 MEDIUM | N/A |
| OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey, (8) ibdiagnet.psl, (9) ibdiagnet.slvl, or (10) ibdiagnet.sm in /tmp/. | |||||
| CVE-2013-2217 | 3 Jeff Ortel, Opensuse, Redhat | 3 Suds, Opensuse, Enterprise Linux | 2024-11-21 | 1.2 LOW | N/A |
| cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/. | |||||
| CVE-2013-2142 | 1 Libimobiledevice | 1 Libimobiledevice | 2024-11-21 | 3.3 LOW | N/A |
| userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in /tmp/root/.config/libimobiledevice/. | |||||
| CVE-2013-2105 | 1 Jonathan Leung | 1 Show In Browser | 2024-11-21 | 3.3 LOW | N/A |
| The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html. | |||||
| CVE-2013-2029 | 1 Redhat | 1 Openstack | 2024-11-21 | 6.3 MEDIUM | N/A |
| nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others for Nagios Core 3.4.4, 3.5.1, and earlier, allows local users to overwrite arbitrary files via a symlink attack on a temporary nagioscfg file with a predictable name in /tmp/. | |||||
| CVE-2013-1976 | 1 Redhat | 2 Enterprise Linux, Jboss Enterprise Web Server | 2024-11-21 | 6.9 MEDIUM | N/A |
| The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log. | |||||
| CVE-2013-1888 | 2 Fedoraproject, Pypa | 2 Fedora, Pip | 2024-11-21 | 2.1 LOW | N/A |
| pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory. | |||||
| CVE-2013-1867 | 1 Apple | 2 Mac Os X, Tokend | 2024-11-21 | 6.3 MEDIUM | 6.1 MEDIUM |
| Gemalto Tokend 2013 has an Arbitrary File Creation/Overwrite Vulnerability | |||||
| CVE-2013-1866 | 2 Apple, Opensc Project | 2 Mac Os X, Opensc | 2024-11-21 | 6.3 MEDIUM | 6.1 MEDIUM |
| OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability | |||||