CVE-2026-2817 Spring Data Geode Insecure Temporary Directory Usage

Use of insecure directory in Spring Data Geode snapshot import extracts archives into predictable, permissive directories under the system temp location. On shared hosts, a local user with basic privileges can access another user’s extracted snapshot contents, leading to unintended exposure of...

CVE-2026-2817 Spring Data Geode Insecure Temporary Directory Usage

Use of insecure directory in Spring Data Geode snapshot import extracts archives into predictable, permissive directories under the system temp location. On shared hosts, a local user with basic privileges can access another user’s extracted snapshot contents, leading to unintended exposure of...

Spring Data Geode 安全漏洞

Spring Data Geode is a software developed by Spring for configuring, operating, and accessing distributed data management systems. There is a security vulnerability in Spring Data Geode, which stems from the use of an insecure directory during the snapshot import process. Archives are stored in a...

CVE-2025-71176

A flaw was found in pytest. This vulnerability allows local users to exploit insecure temporary directory handling, specifically the reliance on predictable directory names in /tmp/pytest-of-user. An attacker can leverage this to cause a denial of service DoS or potentially gain elevated privileg...

CVE-2025-32919

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 EOL...

CVE-2025-32919

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 EOL...

CVE-2025-32919

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 EOL...

EUVD-2025-33350

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 EOL...

CVE-2025-32919 Privilege Escalation in Windows License plugin for Checkmk Windows Agent

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 EOL...

CVE-2025-32919 Privilege Escalation in Windows License plugin for Checkmk Windows Agent

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 EOL...

CVE-2025-32919

CVE-2025-32919 is due to use of an insecure temporary directory in the Windows License plugin of the Checkmk Windows Agent, enabling local privilege escalation. Affected versions: Checkmk 2.4.0 before 2.4.0p13, 2.3.0 before 2.3.0p38, 2.2.0 before 2.2.0p46, and all 2.1.0 (EOL). Root cause: insecur...

PT-2025-41388

Name of the Vulnerable Software and Affected Versions Checkmk versions 2.1.0 Checkmk versions 2.2.0 through 2.2.0p45 Checkmk versions 2.3.0 through 2.3.0p37 Checkmk versions 2.4.0 through 2.4.0p12 Description The Windows License plugin for the Checkmk Windows Agent contains a flaw related to the...

CVE-2011-4119

caml-light = 0.75 uses mktemp insecurely, and also does unsafe things in /tmp during make install...

CVE-2024-9950

A vulnerability in Forescout SecureConnector v11.3.07.0109 on Windows allows unauthenticated user to modify compliance scripts due to insecure temporary directory...

ForeScout SecureConnector 安全漏洞

ForeScout SecureConnector is a network security software from ForeScout, Inc. that authenticates machines attempting to join a network. A security vulnerability exists in ForeScout SecureConnector version 11.3.07.0109, which stems from an insecure temporary directory causing an unauthenticated us...

RHEL 8 : guava (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - guava: insecure temporary directory creation CVE-2023-2976 Note that Nessus has not tested for this issue but has...

RHEL 6 : guava (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - guava: insecure temporary directory creation CVE-2023-2976 Note that Nessus has not tested for this issue but has...

RHEL 7 : guava (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - guava: local information disclosure via temporary directory created with unsafe permissions CVE-2020-8908...

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0777)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0777 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 security update on RHEL 9

New Red Hat Single Sign-On 7.6.7 packages are now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...