EUVD-2022-52094

Malicious code in bioql PyPI...

EUVD-2022-0119

Malicious code in bioql PyPI...

EUVD-2022-0158

Malicious code in bioql PyPI...

CVE-2025-7647 Insecure Temporary File Handling in run-llama/llama_index

The llama-index-core package, up to version 0.12.44, contains a vulnerability in the getcachedir function where a predictable, hardcoded directory path /tmp/llamaindex is used on Linux systems without proper security controls. This vulnerability allows attackers on multi-user systems to steal...

CVE-2025-34194 Vasion Print (formerly PrinterLogic) Local Privilege Escalation via Insecure Temporary File Handling

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 Windows client deployments contain an insecure temporary-file handling vulnerability in the PrinterInstallerClient components. The software creates files as NT...

CVE-2025-9474 Mihomo Party Socket sysproxy.ts enableSysProxy temp file

A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires a local approach...

CVE-2022-4817

A vulnerability was found in centic9 jgit-cookbook. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to insecure temporary file. The attack can be initiated remotely. The name of the patch is b8cb29b43dc704708d598c60ac1881db7cf8e9c3. It is...

CVE-2022-24913

Versions of the package com.fasterxml.util:java-merge-sort before 1.1.0 are vulnerable to Insecure Temporary File in the StdTempFileProvider function in StdTempFileProvider.java, which uses the permissive File.createTempFile function, exposing temporary file contents...

CVE-2022-3969

A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this...

CVE-2020-9291

An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a local user to gain elevated privileges via exhausting the pool of temporary file names combined with a symbolic link attack...

Nextcloud Server Insecure Temporary File Creation Vulnerability (GHSA-q568-2933-gcjq)

Nextcloud Server is prone to an insecure temporary file creation vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Insecure temporary file creation, race with write access and permission

None...

Insecure Temporary File usage in github.com/golang/glog

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

GHSA-6WXM-MPQJ-6JPF Insecure Temporary File usage in github.com/golang/glog

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

Exploit for CVE-2025-25599

CVE-2025-25599 Details Bolt is an o...

GHSA-2C6G-PFX3-W7H8 Insecure Temporary File in RESTEasy

Impact In RESTEasy the insecure File.createTempFile is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user. Patches Fixed in the following pull requests:...

CVE-2024-0139

NVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file vulnerability. A successful exploit of this vulnerability might lead to denial of service...

CVE-2024-0139

NVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file vulnerability. A successful exploit of this vulnerability might lead to denial of service...

Insecure Temporary File

Overview greenbids-tailor is a Bring traffic shaping to your own cloud Affected versions of this package are vulnerable to Insecure Temporary File due to the use of a world-writable directory /tmp for the download lock file greenbids-tailor-download.lock. This setup could allow local attackers wi...

Astra Linux – Vulnerability in nano

A vulnerability was discovered in GNU Nano, which allows for potential privilege escalation through an insecure temporary file. If Nano is terminated while editing, a file that it saves to an emergency file, with permissions set to those of the running user, creates an opportunity for attackers t...