Lucene search
K

455 matches found

Positive Technologies
Positive Technologies
added 2023/01/12 12:0 a.m.7 views

PT-2023-12769 · Com.Fasterxml · Java-Merge-Sort

Name of the Vulnerable Software and Affected Versions: com.fasterxml.util:java-merge-sort versions prior to 1.1.0 Description: The issue is related to an Insecure Temporary File in the StdTempFileProvider function, located in StdTempFileProvider.java. This function utilizes the permissive...

5.5CVSS7.1AI score0.0024EPSS
Exploits0References9
Snyk
Snyk
added 2023/01/11 6:31 a.m.3 views

Insecure Temporary File

Overview com.fasterxml.util:java-merge-sort is a package for basic configurable disk-backed N-way merge sort Affected versions of this package are vulnerable to Insecure Temporary File. in the StdTempFileProvider function in StdTempFileProvider.java, which uses the permissive File.createTempFile...

5.5CVSS6.9AI score0.0024EPSS
Exploits0References2
OSV
OSV
added 2023/01/06 9:30 p.m.25 views

GHSA-JJVP-WFP8-RV69 globalpom-utils has Insecure Temporary File

A vulnerability has been found in devent globalpom-utils up to 4.5.0 and classified as critical. This vulnerability affects the function createTmpDir of the file globalpomutils-fileresources/src/main/java/com/anrisoftware/globalpom/fileresourcemanager/FileResourceManagerProvider.java. The...

9.8CVSS7.8AI score0.00807EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2023/01/06 9:30 p.m.21 views

globalpom-utils has Insecure Temporary File

A vulnerability has been found in devent globalpom-utils up to 4.5.0 and classified as critical. This vulnerability affects the function createTmpDir of the file globalpomutils-fileresources/src/main/java/com/anrisoftware/globalpom/fileresourcemanager/FileResourceManagerProvider.java. The...

9.8CVSS4.3AI score0.00807EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2023/01/06 9:15 p.m.28 views

CVE-2018-25068

A vulnerability has been found in devent globalpom-utils up to 4.5.0 and classified as critical. This vulnerability affects the function createTmpDir of the file globalpomutils-fileresources/src/main/java/com/anrisoftware/globalpom/fileresourcemanager/FileResourceManagerProvider.java. The...

9.8CVSS7AI score0.00807EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/01/06 8:37 p.m.6 views

CVE-2018-25068 devent globalpom-utils FileResourceManagerProvider.java createTmpDir temp file

A vulnerability has been found in devent globalpom-utils up to 4.5.0 and classified as critical. This vulnerability affects the function createTmpDir of the file globalpomutils-fileresources/src/main/java/com/anrisoftware/globalpom/fileresourcemanager/FileResourceManagerProvider.java. The...

6.5CVSS6.8AI score0.00807EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/01/06 8:37 p.m.32 views

CVE-2018-25068 devent globalpom-utils FileResourceManagerProvider.java createTmpDir temp file

A vulnerability has been found in devent globalpom-utils up to 4.5.0 and classified as critical. This vulnerability affects the function createTmpDir of the file globalpomutils-fileresources/src/main/java/com/anrisoftware/globalpom/fileresourcemanager/FileResourceManagerProvider.java. The...

6.5CVSS9.6AI score0.00807EPSS
Exploits0References4
OSV
OSV
added 2022/12/28 7:15 p.m.18 views

CVE-2022-4817

A vulnerability was found in centic9 jgit-cookbook. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to insecure temporary file. The attack can be initiated remotely. The name of the patch is b8cb29b43dc704708d598c60ac1881db7cf8e9c3. It is...

7.8CVSS6.9AI score
Exploits0References4
Prion
Prion
added 2022/12/28 7:15 p.m.17 views

Design/Logic Flaw

A vulnerability was found in centic9 jgit-cookbook. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to insecure temporary file. The attack can be initiated remotely. The name of the patch is b8cb29b43dc704708d598c60ac1881db7cf8e9c3. It is...

4.3CVSS7.6AI score0.00508EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2022/12/28 6:22 p.m.16 views

CVE-2022-4817 centic9 jgit-cookbook temp file

A vulnerability was found in centic9 jgit-cookbook. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to insecure temporary file. The attack can be initiated remotely. The name of the patch is b8cb29b43dc704708d598c60ac1881db7cf8e9c3. It is...

3.1CVSS7.8AI score0.00508EPSS
Exploits0References4
Prion
Prion
added 2022/12/21 10:15 p.m.13 views

Design/Logic Flaw

A vulnerability was found in pig-vector and classified as problematic. Affected by this issue is the function LogisticRegression of the file src/main/java/org/apache/mahout/pig/LogisticRegression.java. The manipulation leads to insecure temporary file. The attack needs to be approached locally. T...

1.7CVSS5.5AI score0.00228EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/12/21 12:0 a.m.5 views

CVE-2022-4641 pig-vector LogisticRegression.java LogisticRegression temp file

A vulnerability was found in pig-vector and classified as problematic. Affected by this issue is the function LogisticRegression of the file src/main/java/org/apache/mahout/pig/LogisticRegression.java. The manipulation leads to insecure temporary file. The attack needs to be approached locally. T...

2.5CVSS5.5AI score0.00228EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/11/17 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2022:4022-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.08235EPSS
Exploits0References5
Prion
Prion
added 2022/11/13 8:15 a.m.16 views

Design/Logic Flaw

A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this...

1.7CVSS5.5AI score0.00526EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/13 12:0 a.m.4 views

PT-2022-24987 · Openkm · Openkm

Name of the Vulnerable Software and Affected Versions: OpenKM versions up to 6.3.11 Description: A vulnerability was found in the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to an insecure temporary file. Recommendations: For OpenKM...

5.5CVSS5.3AI score0.00526EPSS
Exploits1References8
OSV
OSV
added 2022/06/20 10:33 p.m.37 views

GHSA-RVP4-R3G6-8HXQ Insufficiently Protected Credentials via Insecure Temporary File in org.apache.nifi:nifi-single-user-utils

Impact org.apache.nifi.authentication.single.user.writer.StandardLoginCredentialsWriter contains a local information disclosure vulnerability due to writing credentials username and password to a file that is readable by all other users on unix-like systems. On unix-like systems, the system's...

6.5CVSS4.3AI score0.01435EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.38 views

Adobe Creative Cloud < 2.5 Multiple Vulnerabilities (APSB21-41) (macOS)

The version of Adobe Creative Cloud installed on the remote macOS host is prior to 2.5. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb21-41 advisory. - Adobe Creative Cloud Desktop Application installer version 2.4 and earlier is affected by an Uncontrolled Searc...

9.3CVSS7.7AI score0.02689EPSS
Exploits0References5
Talos
Talos
added 2022/05/10 12:0 a.m.37 views

InHand Networks InRouter302 httpd upload.cgi file write vulnerability

Summary A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability. Tested Versions InHand Networks...

9.9CVSS8.3AI score0.01704EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2022/03/31 12:0 a.m.32 views

Insecure Temporary File in SWHKD

SWHKD is a display protocol-independent hotkey daemon made in Rust. In SWHKD versions 1.1.5 and prior, SWHKD uses the /tmp/swhkd.pid pathname. As /tmp is accessible to all users, there can be an information leak or denial of service. No known workarounds exist. A patch is available on the 1.1.0...

7.8CVSS3.1AI score0.00506EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2022/03/29 7:18 p.m.18 views

GHSA-47WV-VHJ2-G66M Use of insecure temporary file in Horovod

Impact The insecure tempfile.mktemp is used when Horovod is run in an LSF job with jsrun. In that situation, a jsrun rank file is created with mktemp, which could be hijacked by another process to read or manipulate the content. This issue does not impact the use of MPI, Gloo, Spark or Ray. Patch...

8.8CVSS7.3AI score0.00922EPSS
Exploits0References8
Rows per page
Query Builder