Search Results (8900 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-2105 1 Jonathan Leung 1 Show In Browser 2025-04-12 N/A
The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.
CVE-2015-5273 1 Redhat 6 Automatic Bug Reporting Tool, Enterprise Linux, Enterprise Linux Desktop and 3 more 2025-04-12 N/A
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp.
CVE-2015-5344 2 Apache, Redhat 2 Camel, Jboss Fuse 2025-04-12 N/A
The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.
CVE-2014-3986 1 Cisofy 1 Lynis 2025-04-12 N/A
include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name.
CVE-2014-8585 1 W3eden 1 Download Manager 2025-04-12 N/A
Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the fname parameter to (1) views/file_download.php or (2) file_download.php.
CVE-2016-2510 4 Beanshell, Canonical, Debian and 1 more 8 Beanshell, Ubuntu Linux, Debian Linux and 5 more 2025-04-12 8.1 High
BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler.
CVE-2015-4155 1 Gnu 1 Parallel 2025-04-12 N/A
GNU Parallel before 20150422, when using (1) --pipe, (2) --tmux, (3) --cat, (4) --fifo, or (5) --compress, allows local users to write to arbitrary files via a symlink attack on a temporary file.
CVE-2014-0035 2 Apache, Redhat 7 Cxf, Jboss Amq, Jboss Bpms and 4 more 2025-04-12 N/A
The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-5031 3 Apple, Canonical, Redhat 3 Cups, Ubuntu Linux, Enterprise Linux 2025-04-12 N/A
The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.
CVE-2015-0257 1 Redhat 2 Enterprise Virtualization Manager, Rhev Manager 2025-04-12 N/A
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.
CVE-2016-0448 3 Canonical, Oracle, Redhat 7 Ubuntu Linux, Jdk, Jre and 4 more 2025-04-12 N/A
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.
CVE-2015-1197 1 Gnu 1 Cpio 2025-04-12 N/A
cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.
CVE-2014-5030 3 Apple, Canonical, Redhat 3 Cups, Ubuntu Linux, Enterprise Linux 2025-04-12 N/A
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.
CVE-2015-1335 2 Canonical, Linuxcontainers 2 Ubuntu Linux, Lxc 2025-04-12 N/A
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
CVE-2014-5045 2 Linux, Redhat 6 Linux Kernel, Enterprise Linux, Enterprise Linux Eus and 3 more 2025-04-12 N/A
The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free) or possibly have unspecified other impact via the umount program.
CVE-2014-5260 1 Xml-dt Project 1 Xml-dt 2025-04-12 N/A
The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file.
CVE-2023-21771 1 Microsoft 3 Windows 10, Windows 11, Windows Server 2022 2025-04-12 7 High
Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability
CVE-2025-0273 1 Hcltechsw 2 Hcl Devops Deploy, Hcl Launch 2025-04-11 5.5 Medium
HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user.
CVE-2023-30534 2 Cacti, Fedoraproject 2 Cacti, Fedora 2025-04-11 4.3 Medium
Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti’s vendor directory (phpseclib), the necessary gadgets are not included, making them inaccessible and the insecure deserializations not exploitable. Each instance of insecure deserialization is due to using the unserialize function without sanitizing the user input. Cacti has a “safe” deserialization that attempts to sanitize the content and check for specific values before calling unserialize, but it isn’t used in these instances. The vulnerable code lies in graphs_new.php, specifically within the host_new_graphs_save function. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-42459 1 Eprosima 1 Fast Dds 2025-04-11 8.6 High
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). In affected versions specific DATA submessages can be sent to a discovery locator which may trigger a free error. This can remotely crash any Fast-DDS process. The call to free() could potentially leave the pointer in the attackers control which could lead to a double free. This issue has been addressed in versions 2.12.0, 2.11.3, 2.10.3, and 2.6.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.