CVE-2022-40299

Singular before 4.3.1 contains a predictable /tmp pathname in sdb.cc (and similar interface files), allowing a local user to gain privileges of other users via a /tmp file. The issue affects the Singular interface components with predictable /tmp paths; the record clarifies it is not about the la...

Race condition

Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might allow local users to overwrite arbitrary files or have unspecified other impact by creating files in advance or winning a race condition, as demonstrated by /tmp/junksplitimage.ps in prog/splitimage2pdf.c...