Export limit exceeded: 351386 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (8280 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0791 | 2 Mozilla, Sco | 2 Mozilla, Openserver | 2026-04-16 | 9.8 Critical |
| The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed. | ||||
| CVE-2002-2374 | 1 Sun | 1 Patchpro | 2026-04-16 | N/A |
| Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." | ||||
| CVE-2001-1042 | 1 Transsoft | 1 Broker Ftp Server | 2026-04-16 | 7.5 High |
| Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | ||||
| CVE-2002-2382 | 1 Cvsup | 1 Cvsup | 2026-04-16 | N/A |
| cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out. | ||||
| CVE-2002-0824 | 1 Freebsd | 1 Point-to-point Protocol Daemon | 2026-04-16 | N/A |
| BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device. | ||||
| CVE-2003-0844 | 1 Schroepl | 1 Mod Gzip | 2026-04-16 | 7.1 High |
| mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled. | ||||
| CVE-2006-1247 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-0587 | 1 Mozilla | 2 Firefox, Mozilla | 2026-04-16 | 6.5 Medium |
| Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file. | ||||
| CVE-2005-1835 | 1 Nextweb | 1 Nextweb \(i\)site | 2026-04-16 | N/A |
| NEXTWEB (i)Site stores databases under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to databases/Users.mdb. | ||||
| CVE-2004-2473 | 1 Wmfrog | 1 Wmfrog | 2026-04-16 | N/A |
| wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-1111 | 4 Canonical, Debian, Gnu and 1 more | 4 Ubuntu Linux, Debian Linux, Cpio and 1 more | 2026-04-16 | 4.7 Medium |
| Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete. | ||||
| CVE-2005-1879 | 1 Lutel | 1 Lutelwall | 2026-04-16 | 5.5 Medium |
| LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. | ||||
| CVE-2005-2991 | 1 Ncompress | 1 Ncompress | 2026-04-16 | 5.0 Medium |
| ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970. | ||||
| CVE-1999-0783 | 1 Freebsd | 1 Freebsd | 2026-04-16 | 5.5 Medium |
| FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system. | ||||
| CVE-1999-0794 | 1 Microsoft | 2 Excel, Office | 2026-04-16 | N/A |
| Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file. | ||||
| CVE-2005-3126 | 1 Antiword | 1 Antiword | 2026-04-16 | N/A |
| The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and earlier allow local users to overwrite arbitrary files via a symlink attack on temporary (a) output and (b) error files. | ||||
| CVE-2000-0715 | 3 Conectiva, Kirk Bauer, Redhat | 3 Linux, Diskcheck, Powertools | 2026-04-16 | N/A |
| DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2005-3011 | 2 Gnu, Redhat | 2 Texinfo, Enterprise Linux | 2026-04-16 | N/A |
| The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2003-0517 | 1 Mgetty Project | 1 Mgetty | 2026-04-16 | 5.5 Medium |
| faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files. | ||||
| CVE-2003-0578 | 1 Ibm | 1 U2 Universe | 2026-04-16 | 7.8 High |
| cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files. | ||||