CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1461 matches found

Cvelist•added 2009/03/05 2:0 a.m.•18 views

CVE-2009-0037

The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPTFOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to 1 trigger arbitrary requests to intranet servers, 2 read or overwrite arbitrary files via a redirect to a file:...

8.3AI score0.09919EPSS

Exploits2References32

OSV•added 2009/03/04 5:30 p.m.•1 views

DEBIAN-CVE-2008-6398

sngregress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/recompiled$$.png, 2 /tmp/decompiled$$.sng, and 3 /tmp/canonicalized$$.sng temporary files...

6.9CVSS6.7AI score0.00025EPSS

Exploits1References1

Prion•added 2009/03/04 5:30 p.m.•10 views

Code injection

sngregress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/recompiled$$.png, 2 /tmp/decompiled$$.sng, and 3 /tmp/canonicalized$$.sng temporary files...

6.9CVSS6.8AI score0.00025EPSS

Exploits1References4Affected Software1

Prion•added 2009/02/10 7:0 a.m.•12 views

Code injection

The SaveDoc method in the AllInTheBox.AllBox ActiveX control in ALLINTHEBOX.OCX in Synactis ALL In-The-Box ActiveX 3 allows remote attackers to create and overwrite arbitrary files via an argument ending in a '\0' character, which bypasses the intended .box filename extension, as demonstrated by ...

9.3CVSS7.3AI score0.05943EPSS

Exploits1References6Affected Software1

Prion•added 2009/02/03 11:30 p.m.•12 views

Code injection

The SSL certificate setup program genSslCert.sh in Standards Based Linux Instrumentation for Manageability SBLIM sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the 1 /var/tmp/key.pem, 2 /var/tmp/cert.pem, and 3 /var/tmp/ssl.cnf temporary files...

6.9CVSS6.8AI score0.00014EPSS

Exploits0References6Affected Software1

NVD•added 2009/01/28 2:30 a.m.•10 views

CVE-2009-0313

winetricks before 20081223 allows local users to overwrite arbitrary files via a symlink attack on the xshowmenu.txt temporary file...

6.9CVSS6.2AI score0.00025EPSS

Exploits0References5

Prion•added 2009/01/21 2:30 a.m.•15 views

Directory traversal

Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magicquotesgpc is disabled, allows remote attackers to overwrite arbitrary files via directory traversal sequences in the rev parameter...

6.8CVSS6.8AI score0.07827EPSS

Exploits1References10Affected Software1

Cvelist•added 2009/01/21 2:0 a.m.•29 views

CVE-2008-5919

6.5AI score0.07827EPSS

Exploits1References10

NVD•added 2008/12/22 3:30 p.m.•14 views

CVE-2008-5704

src/unittest.c in gpsdrive aka gpsdrive-scripts 2.10pre4 might allow local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file, a different vector than CVE-2008-4959 and CVE-2008-5380...

7.6CVSS6AI score0.00309EPSS

Exploits0References2

UbuntuCve•added 2008/12/08 11:30 p.m.•23 views

CVE-2008-5367

ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...

6.9CVSS7.3AI score0.00016EPSS

Exploits0References1

UbuntuCve•added 2008/12/08 11:30 p.m.•22 views

CVE-2008-5370

pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file...

6.9CVSS5.9AI score0.00024EPSS

Exploits0References1

UbuntuCve•added 2008/12/08 11:30 p.m.•15 views

CVE-2008-5369

noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/noip2 temporary file...

6.9CVSS6AI score0.00024EPSS

Exploits0References1

OSV•added 2008/12/08 11:30 p.m.•5 views

CVE-2008-5367

ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...

6.1AI score

Exploits0References1

OSV•added 2008/12/08 11:30 p.m.•1 views

DEBIAN-CVE-2008-5377

pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333...

6.9CVSS6.8AI score0.00224EPSS

Exploits7References1

UbuntuCve•added 2008/12/08 11:30 p.m.•24 views

CVE-2008-5378

arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arbpids temporary file...

6.9CVSS5.9AI score0.00024EPSS

Exploits0References1

OSV•added 2008/12/08 11:30 p.m.•3 views

CVE-2008-5376

editcomment in crip 3.7 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.tag.tmp temporary file...

6.5AI score

Exploits0References2

Prion•added 2008/12/08 11:30 p.m.•21 views

Design/Logic Flaw

pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333...

6.9CVSS6.3AI score0.00224EPSS

Exploits7References3Affected Software1

OSV•added 2008/12/08 11:30 p.m.•2 views

DEBIAN-CVE-2008-5368

muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file...

6.9CVSS6.6AI score0.00026EPSS

Exploits0References1

OSV•added 2008/12/08 11:30 p.m.•1 views

DEBIAN-CVE-2008-5373

mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mtx. temporary file, probably a related issue to CVE-2005-2995...

6.9CVSS6.3AI score0.00125EPSS

Exploits0References1