CVE Tracker
176,036 total CVEsLive vulnerability feed from the National Vulnerability Database
add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/accession temporary file.
ltpmenu in ltp 20060918 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/runltp.mainmenu.##### temporary file.
nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file.
mgt-helper in multi-gnome-terminal 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.debug or (2) /tmp/*.env temporary file.
sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr.##### temporary file.
flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/multicast.tar.##### temporary file.
trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/opr.ini.##### or (2) /tmp/lpt*.zip temporary file.
updatejail in jailer 0.4 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/#####.updatejail temporary file.
passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/passwdehd.##### temporary file.
tkman in tkman 2.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/tkman##### or (2) /tmp/ll temporary file.
tkusr in tkusr 0.82 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/tkusr.pgm temporary file.
os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-root users.
Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response."
ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named.
SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
Multiple SQL injection vulnerabilities in Develop It Easy News And Article System 1.4 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter to article_details.php, and the (2) username and (3) password to the admin panel (admin/index.php).
Ocean12 Calendar Manager Gold 2.04 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12cal.mdb.
Ocean12 Poll Manager Pro 1.00 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12poll.mdb.
Ocean12 Membership Manager Pro stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12member.mdb.
Ocean12 Contact Manager Pro 1.02 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12con.mdb.
Cross-site scripting (XSS) vulnerability in search.php in BoutikOne CMS allows remote attackers to inject arbitrary web script or HTML via the search_query parameter.
admin.php in CCleague Pro 1.2 allows remote attackers to bypass authentication by setting the type cookie value to admin.
JSCAPE Secure FTP Applet 4.8.0 and earlier does not ask the user to verify a new or mismatched SSH host key, which makes it easier for remote attackers to perform man-in-the-middle attacks.
SQL injection vulnerability in admin.php in CCleague Pro 1.2 allows remote attackers to execute arbitrary SQL commands via the u parameter.
SQL injection vulnerability in WorkArea/ContentRatingGraph.aspx in Ektron CMS400.NET 7.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the res parameter.
Showing 142626-142650 of 176,036 CVEs