Security Vulnerabilities, CVEs, CVSS score between 1 and 1.99
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
Max CVSS
1.9
EPSS Score
0.04%
Published
1996-04-18
Updated
2022-08-17
Lynx allows a local user to overwrite sensitive files through /tmp symlinks.
Max CVSS
1.2
EPSS Score
0.04%
Published
1999-02-11
Updated
2022-08-17
A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.
Max CVSS
1.2
EPSS Score
0.04%
Published
1999-04-05
Updated
2022-08-17
Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings.
Max CVSS
1.2
EPSS Score
0.07%
Published
1999-12-31
Updated
2008-09-05
(1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.06%
Published
1998-06-11
Updated
2008-09-05
sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
1998-02-25
Updated
2017-10-10
The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2000-02-16
Updated
2008-09-10
The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files.
Max CVSS
1.2
EPSS Score
0.04%
Published
2000-02-21
Updated
2008-09-10
ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.
Max CVSS
1.2
EPSS Score
0.06%
Published
2000-02-15
Updated
2008-09-10
The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
1999-03-01
Updated
2008-09-10
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.
Max CVSS
1.2
EPSS Score
0.04%
Published
2000-10-20
Updated
2008-09-05
Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config.
Max CVSS
1.2
EPSS Score
0.04%
Published
2000-10-20
Updated
2008-09-05
periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.05%
Published
2001-02-16
Updated
2018-05-03
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2000-12-19
Updated
2017-10-10
nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests.
Max CVSS
1.2
EPSS Score
0.40%
Published
2000-12-11
Updated
2017-10-10
KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-02-16
Updated
2017-10-10
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-02-12
Updated
2018-10-30
rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.07%
Published
2001-03-12
Updated
2017-10-10
rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
Interscan VirusWall 3.6.x and earlier follows symbolic links when uninstalling the product, which allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2008-09-05