Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in spring-boot (CVE-2026-40973, CVE-2026-40975, CVE-2026-40977)

Summary IBM Sterling Control Center is affected by vulnerabilities CVE-2026-40973, CVE-2026-40975, CVE-2026-40977 reported for spring-boot-3.4.11.jar. Vulnerability Details CVEID:CVE-2026-40973 DESCRIPTION: A local attacker on the same host as the application may be able to take control of the...

Astra Linux - уязвимость в nano

A vulnerability was discovered in GNU Nano, which allows for potential privilege escalation through an insecure temporary file. If Nano is terminated while editing, a file that it saves to an emergency file, with permissions set to those of the running user, creates an opportunity for attackers t...

Insecure Temporary File

Overview Affected versions of this package are vulnerable to Insecure Temporary File due to the ApplicationTemp mechanism creating a temporary directory using a predictable name. Because the name can be easily guessed, a local attacker on the same server can maliciously pre-create this directory...

EUVD-2026-15754

Requests has Insecure Temp File Reuse in its extractzippedpaths utility function...

Insecure Temporary File

Overview Affected versions of this package are vulnerable to Insecure Temporary File via the extractzippedpaths function. An attacker can leverage unauthorized file replacement by pre-creating a malicious file in the system's temporary directory prior to extraction. Note: Only applications that...

Insecure Temporary File

Overview @capgo/cli is an A CLI to upload to capgo servers Affected versions of this package are vulnerable to Insecure Temporary File via unsafe file operations that follow symlinks and do not enforce secure permissions. An attacker can overwrite arbitrary files or expose sensitive credential...

CVE-2026-25701

An Insecure Temporary File vulnerability in openSUSE sdbootutil allows local users to pre-create a directory to achieve various effects like: gain access to possible private information found in /var/lib/pcrlock.d manipulate the data backed up in /tmp/pcrlock.d.bak, therefore violating the...

CVE-2026-25701

CVE-2026-25701 affects sdbootutil and is described as an Insecure Temporary File vulnerability allowing a local user to pre-create directories to access data in /var/lib/pcrlock.d, influence backups under /tmp/pcrlock.d.bak, and potentially overwrite protected files by placing symlinks in the /tm...

CVE-2025-46684

Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering...

CVE-2022-0736

Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1...

CVE-2025-14614

Insecure Temporary File vulnerability in Altera Quartus Prime Standard Installer SFX on Windows, Altera Quartus Prime Lite Installer SFX on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1...

CVE-2025-14612 Quartus Prime Pro Edition Advisory

Insecure Temporary File vulnerability in Altera Quartus Prime Pro Installer SFX on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1...

Insecure Temporary File

Overview net.sf.robocode:robocode.battle is a Build the best - destroy the rest! Affected versions of this package are vulnerable to Insecure Temporary File via the createTempFile function. An attacker can execute arbitrary code or overwrite critical files by manipulating the temporary file...

CVE-2025-14307

Robocode 1.9.3.6 AutoExtract has an insecure temporary file creation vulnerability in createTempFile that can allow race-condition exploitation to potentially execute arbitrary code or overwrite files. The issue arises from insecure handling of temporary files, as described across multiple source...

CVE-2025-14307

An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode version 1.9.3.6. The createTempFile method fails to securely create temporary files, allowing attackers to exploit race conditions and potentially execute arbitrary code or overwrite critical files...

DELL Alienware Command Center Elevation of Privilege Vulnerability

DELL Alienware Command Center is Dell's proprietary control software for Alienware-branded computers, which is used to customize hardware features, optimize performance and manage game settings. An elevation of privilege vulnerability exists in DELL Alienware Command Center, which stems from an...

CVE-2025-46368

Dell Alienware Command Center 6.x AWCC, versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

EUVD-2025-175360

Dell Alienware Command Center 6.x AWCC, versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Privilege Escalation...

CVE-2025-46369

Dell Alienware Command Center 6.x AWCC, versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Privilege Escalation...

CVE-2025-46369

Dell Alienware Command Center (AWCC) 6.x, prior to 6.10.15.0, contains an Insecure Temporary File flaw that can be exploited locally by a low-privilege user to achieve privilege escalation. The vulnerability stems from handling of temporary files, enabling elevation of privileges on the host. Aff...