452 matches found
RHEL 5 : iproute (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - iproute: multiple insecure temporary file use issues CVE-2012-1088 Note that Nessus has not tested for this issue b...
RHEL 4 : foomatic (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - foomatic: foomatic-rip debug mode insecure temporary file use in renderer command line by processing...
RHEL 6 : crypto-utils (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - crypto-utils: insecure temporary file usage in genkey CVE-2012-3504 Note that Nessus has not tested for this issue...
RHEL 6 : ant (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ant: insecure temporary file CVE-2020-11979 - Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the...
RHEL 5 : ant (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ant: insecure temporary file CVE-2020-11979 - Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the...
RHEL 8 : Red Hat Virtualization (RHSA-2023:0759)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0759 advisory. PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs ...
RHEL 5 / 6 : Red Hat Storage 2.0 security, update #3 (Low) (RHSA-2012:1456)
The remote Red Hat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1456 advisory. - GlusterFS: insecure temporary file creation CVE-2012-4417 Note that Nessus has not tested for this issue but has instead relied only on the...
CVE-2023-1713 Bitrix24 Remote Command Execution (RCE) via Insecure Temporary File Creation
Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24 22.0.300 hosted on Apache HTTP Server allows remote authenticated attackers to execute arbitrary code via uploading a crafted ".htaccess" file...
SUSE CVE-2023-43783
Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/cadence-wineasio.reg Temporary File. The filename is used even if it has been created by a local adversary before Cadence started. The adversary can leverage this to create or overwrite files via a symlink attack. In some kernel configuration...
CVE-2023-43783
Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/cadence-wineasio.reg Temporary File. The filename is used even if it has been created by a local adversary before Cadence started. The adversary can leverage this to create or overwrite files via a symlink attack. In some kernel configuration...
CVE-2023-43782
Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/.cadence-aloop-daemon.x Temporary File. The file is used even if it has been created by a local adversary before Cadence started. The adversary can then delete the file, disrupting Cadence...
Arbitrary file deletion
Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/.cadence-aloop-daemon.x Temporary File. The file is used even if it has been created by a local adversary before Cadence started. The adversary can then delete the file, disrupting Cadence...
Cadence Design Systems GUI Security Vulnerability
Cadence Design Systems GUI is a Graphical User Interface (GUI) from Cadence Design Systems, Inc. to support its suite of Electronic Design Automation (EDA) software tools. A security vulnerability exists in Cadence Design Systems GUI version 0.9.2 and prior versions, which stems from the use of an...
PT-2023-28980 · Cadence · Cadence
Name of the Vulnerable Software and Affected Versions: Cadence versions through 0.9.2 Description: The issue arises from Cadence using an insecure temporary file, /tmp/.cadence-aloop-daemon.x, which can be created by a local adversary before Cadence starts. If the adversary creates this file and...
OESA-2023-1633 rubygem-activesupport security update
A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing. Security Fixes: An insecure temporary file vulnerability was found in activesupport rubygem. Contents that will be encrypt...
CVE-2023-34119
Insecure temporary file in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access...
Zoom Rooms Security Vulnerability
Zoom Rooms is a software-based conferencing system from Zoom USA that allows web conferencing on fixed endpoints, similar to traditional video conferencing systems. A security vulnerability previously existed in Zoom Rooms version 5.15.0, which originated from an insecure temporary file...
postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions
A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setText(int, InputStream) and PreparedStatement.setBytea(int, InputStream). This could allow a user to create an unexpected file available to all users, which could end in unexpected...
CVE-2023-2800
Insecure Temporary File in GitHub repository huggingface/transformers prior to 4.30.0...
Design/Logic Flaw
Insecure Temporary File in GitHub repository huggingface/transformers prior to 4.30.0...