CVE-2013-0178

Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm...

DEBIAN-CVE-2013-0180

Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds...

CVE-2013-0178

CVE-2013-0178 affects Redis before 2.6, with an insecure temporary file vulnerability related to /tmp/redis-%p.vm. The connected documents confirm the affected software and the insecure temp-file root cause but do not provide exploitation details, impact specifics, or any remediation/patch inform...

Information Disclosure

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when...

CVE-2018-6706

Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths during agent installation in Linux via unspecified vectors...

CVE-2018-6557 Insecure temporary file use in base-files

The MOTD update script in the base-files package in Ubuntu 18.04 LTS before 10.1ubuntu2.2, and Ubuntu 18.10 before 10.1ubuntu6 incorrectly handled temporary files. A local attacker could use this issue to cause a denial of service, or possibly escalate privileges if kernel symlink restrictions we...

CVE-2011-2765 Insecure temporary file handling

pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks...

CVE-2018-3710

Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable to an Insecure Temporary File in the project import component resulting remote code execution...

CVE-2018-3710

CVE-2018-3710 affects GitLab Community/Enterprise Edition 10.3.3, with an insecure temporary file in the project import component enabling remote code execution. Multiple sources (NVD, Debian DSA, CNVD, OSV) corroborate an arbitrary code execution via project import; CVE-2018-3710 is part of a se...

PT-2018-16134 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: Gitlab Community and Enterprise Editions version 10.3.3 Description: The issue is related to an insecure temporary file in the project import component, which can result in remote code execution. Recommendations: For Gitlab Community and...

CVE-2015-1590

The kamcmd administrative utility and default configuration in kamailio before 4.3.0 use /tmp/kamailioctl...

kamailio /tmp/kamailio_fifo Insecure Temporary File Creation Vulnerability

kamailio is an open source GPL-based SIP Session Initiation Protocol, Session Initiation Protocol server . A security vulnerability exists in /tmp/kamailiofifo in kamailio version 4.0.1. A remote attacker can exploit this vulnerability to perform a symbolic link attack, overwrite arbitrary files,...

DEBIAN-CVE-2013-7426

Insecure Temporary file vulnerability in /tmp/kamailiofifo in kamailio 4.0.1...

CVE-2013-7426

Insecure Temporary file vulnerability in /tmp/kamailiofifo in kamailio 4.0.1...

CVE-2013-7426

The vulnerability CVE-2013-7426 affects kamailio 4.0.1, via insecure creation of /tmp/kamailio_fifo. Several connected sources corroborate an insecure temporary-file vulnerability in /tmp/kamailio_fifo, enabling manipulation of the file path. Notably, CNVD-2017-31584 describes a remote attacker e...

pulp: Insecure temporary file used when generating certificate for Pulp Nodes

It was found that the private key for the node certificate was contained in a world-readable temporary file. A local user could possibly use this flaw to gain access to the private key information in the temporary file...

Amazon Linux: Security Advisory (ALAS-2016-666)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : sos (ALAS-2016-666)

An insecure temporary file use flaw was found in the way sos created certain sosreport files. A local attacker could possibly use this flaw to perform a symbolic link attack to reveal the contents of sosreport files, or in some cases modify arbitrary files and escalate their privileges on the...

sos security update

CentOS Errata and Security Advisory CESA-2016:0188 An updated sos package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base...

CentOS Update for sos CESA-2016:0188 centos7

Check the version of sos SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882393";...