42 matches found

Vulnrichment
added 2026/05/14 3:34 p.m., 8 views

CVE-2026-42597 Gotenberg: Chromium URL conversion routes read arbitrary files under /tmp via file:// scheme

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the /forms/chromium/convert/url and /forms/chromium/screenshot/url routes accept url=file:///tmp/... from anonymous callers. The default Chromium deny-list intentionally exempts file:///tmp/ so HTML/Markdown routes can lo...

5.9 CVSS, 5.8 AI score, 0.00251 EPSS
Exploits 1, References 1
OSV
added 2025/12/30 11:15 p.m., 2 views

CVE-2022-50795

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the traceroute.php script, which...

7.8 CVSS, 5.9 AI score
Exploits 0, References 5
CNNVD
added 2024/10/15 12:0 a.m., 2 views

Helmholz REX100 security vulnerability

Helmholz REX100 is a wireless router from Helmholz. A security vulnerability exists in Helmholz REX100 versions prior to 2.3.1, which stems from a lack of authentication and allows an unauthenticated, remote attacker to gain read access to files in the /tmp directory...

7.5 CVSS, 7 AI score, 0.00617 EPSS
Exploits 0, References 3
Oracle linux
added 2023/08/11 12:0 a.m., 48 views

postgresql:10 security update

10.23-2.0.1 - Fixed postgresql port binding issue during bootup Orabug: 35103668 10.23-2 - Backport fixes for CVE-2023-2454 and CVE-2023-2455 - Update postgresql-setup to 8.7 https://github.com/devexp-db/postgresql-setup/pull/35 - Resolves: 2207931 10.23-1 - Resolves: CVE-2022-2625 - Rebase to...

8.8 CVSS, 7 AI score, 0.11726 EPSS
Exploits 0
SUSE CVE
added 2023/02/15 5:21 a.m., 2 views

SUSE CVE-2015-1838

modules/serverdensitydevice.py in SaltStack before 2014.7.4 does not properly handle files in /tmp...

5.3 CVSS, 5.4 AI score, 0.00428 EPSS
Exploits 0, References 3
RedhatCVE
added 2023/01/04 6:5 a.m., 69 views

CVE-2009-1142

A vulnerability was found in open-vm-tools. This flaw allows local users to gain privileges via a symlink attack on /tmp files if the vmware-user-suid-wrapper is the setuid root and the ChmodChownDirectory function is enabled...

6.7 CVSS, 6 AI score, 0.00265 EPSS
Exploits 0, References 4
UbuntuCve
added 2022/11/23 6:15 p.m., 58 views

CVE-2009-1142

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled...

6.7 CVSS, 6.7 AI score, 0.00265 EPSS
Exploits 0, References 2
Prion
added 2022/11/23 6:15 p.m., 13 views

Design/Logic Flaw

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled...

4 CVSS, 6.6 AI score, 0.00265 EPSS
Exploits 0, References 2, Affected Software 1
Cvelist
added 2022/11/23 12:0 a.m., 26 views

CVE-2009-1142

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled...

6.6 AI score, 0.00265 EPSS
Exploits 0, References 2
Debian CVE
added 2022/11/23 12:0 a.m., 31 views

CVE-2009-1142

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled...

6.7 CVSS, 6.6 AI score, 0.00265 EPSS
Exploits 0
OSV
added 2022/07/08 9:37 a.m., 1 views

SUSE-SU-2022:2337-1 Security update for resource-agents

This update for resource-agents fixes the following issues: Security: - Fixed unsafe tmp files and tmp files directory. bsc1146690, bsc1146691, bsc1146692, bsc1146766, bsc1146776, bsc1146784, bsc1146785, bsc1146787 - Created ocfmon user no longer has a default password. If no password is set, the...

7.3 AI score
Exploits 0, References 14
Github Security Blog
added 2022/05/17 5:40 a.m., 26 views

Fabric vulnerable to symlink attack on tmp files

Fabric before 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on (1) a /tmp/fab..tar file or (2) certain other files in the top level of /tmp/...

4.4 CVSS, 6.5 AI score, 0.00328 EPSS
Exploits 0, References 10, Affected Software 1
OSV
added 2022/05/17 5:40 a.m., 12 views

GHSA-XWG2-QC6C-7C3Q Fabric vulnerable to symlink attack on tmp files

Fabric before 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on (1) a /tmp/fab..tar file or (2) certain other files in the top level of /tmp/...

4.4 CVSS, 5.9 AI score, 0.00328 EPSS
Exploits 0, References 10
OSV
added 2022/05/17 2:49 a.m., 16 views

GHSA-92PW-MFF9-JQGM Salt improper handling of tmp files

modules/serverdensitydevice.py in SaltStack before 2014.7.4 does not properly handle files in /tmp...

5.3 CVSS, 5.1 AI score, 0.00428 EPSS
Exploits 0, References 7
OSV
added 2022/05/13 1:7 a.m., 15 views

GHSA-53WM-97P6-582F instack-undercloud vulnerable to symlink attack on tmp files

A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Ocata, 5.3.0 as packaged in Red Hat OpenStack Newton, where pre-install and security policy scripts used insecure temporary files. A local user could exploi...

6.4 CVSS, 6.1 AI score, 0.00347 EPSS
Exploits 0, References 12
Oracle linux
added 2020/11/10 12:0 a.m., 39 views

freeradius:3.0 security and bug fix update

3.0.20-3 - Require make for proper bootstrap execution, removes post script Resolves: bz1672285 3.0.20-2 - Fix breakage caused by OpenSSL FIPS regression Related: bz1855822 Related: bz1810911 Resolves: bz1672285 3.0.20-1 - Update to FreeRADIUS server version 3.0.20 - Introduce Python 3 support;...

7.5 CVSS, 1 AI score, 0.02168 EPSS
Exploits 0
Prion
added 2020/09/11 12:15 a.m., 20 views

Open redirect

On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker could use to expose potentially sensitive data. StateSaver would also open files without the O_EXCL flag. An attacker could exploit this to launch a symlink attack, though this is partially mitigated by...

2.1 CVSS, 6.8 AI score, 0.00504 EPSS
Exploits 0, References 2, Affected Software 1
Oracle linux
added 2020/04/06 12:0 a.m., 40 views

cups security and bug fix update

1:1.6.3-43 - 1687571 - cupsd doesn't clean tmp files if client conn is terminated abnormally 1:1.6.3-42 - 1651575 - CVE-2018-4700 cups 1:1.6.3-41 - 1608764 - CVE-2018-4180 cups - 1607291 - CVE-2018-4181 cups...

7.8 CVSS, 0.9 AI score, 0.00454 EPSS
Exploits 1
Positive Technologies
added 2019/11/01 12:0 a.m., 5 views

PT-2019-6829 · Red Hat · Openshift

Name of the Vulnerable Software and Affected Versions: OpenShift affected versions not specified Description: The issue is related to the improper creation of files in /tmp by the dump.sh script in the cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin directory of OpenShift...

7.5 CVSS, 7 AI score, 0.00813 EPSS
Exploits 0, References 2
NVD
added 2019/10/29 10:15 p.m., 17 views

CVE-2010-2061

rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started...

7.8 CVSS, 7.7 AI score, 0.0042 EPSS
Exploits 0, References 5