395 matches found
CodexBar security vulnerabilities
CodexBar is an AI programming service usage monitoring tool developed by Peter Steinberger. Versions of CodexBar prior to 0.32.0 contained security vulnerabilities. These vulnerabilities stemmed from the handling of insecure temporary files during the publication of workflows, which could allow...
ROS-20260513-73-0016
Vulnerability in python-requests related to insecure temporary files. Exploitation of the vulnerability could allow an attacker to overwrite arbitrary files...
ROS-20260513-73-0017
Vulnerability in python2-requests related to insecure temporary files. Exploitation of the vulnerability could allow an attacker to overwrite arbitrary files...
CVE-2026-35342
CVE-2026-35342 affects the mktemp utility in the uutils coreutils project. The issue arises because the implementation does not treat an empty TMPDIR as a fallback to /tmp (unlike GNU mktemp); instead, it treats an empty string as a valid path, causing temporary files to be created in the current...
CVE-2026-35342 uutils coreutils mktemp Insecure Temporary File Placement via Empty TMPDIR
The mktemp utility in uutils coreutils fails to properly handle an empty TMPDIR environment variable. Unlike GNU mktemp, which falls back to /tmp when TMPDIR is an empty string, the uutils implementation treats the empty string as a valid path. This causes temporary files to be created in the...
CVE-2026-4822
A vulnerability was detected in Enter Software Iperius Backup up to 8.7.3. Affected is an unknown function of the file C:\ProgramData\IperiusBackup\Jobs\ of the component Backup Service. Performing a manipulation results in creation of temporary file with insecure permissions. The attack is only...
CVE-2026-4822 Enter Software Iperius Backup Backup Service temp file
A vulnerability was detected in Enter Software Iperius Backup up to 8.7.3. Affected is an unknown function of the file C:\ProgramData\IperiusBackup\Jobs\ of the component Backup Service. Performing a manipulation results in creation of temporary file with insecure permissions. The attack is only...
CVE-2026-4822 Enter Software Iperius Backup Backup Service temp file
A vulnerability was detected in Enter Software Iperius Backup up to 8.7.3. Affected is an unknown function of the file C:\ProgramData\IperiusBackup\Jobs\ of the component Backup Service. Performing a manipulation results in creation of temporary file with insecure permissions. The attack is only...
PT-2026-28125
Name of the Vulnerable Software and Affected Versions Iperius Backup versions prior to 8.7.4 Description A security issue exists in Iperius Backup. A manipulation of a file within the Backup Service component can lead to the creation of temporary files with insecure permissions. This requires loc...
openSUSE sdbootutil 安全漏洞
openSUSE sdbootutil is a command-line tool developed by openSUSE, an open-source project from Germany. openSUSE sdbootutil has a security vulnerability, which stems from insecure temporary files. This vulnerability could allow local users to pre-create directories to access private information,...
MiracleLinux 7 : libqb-1.0.1-9.el7 (AXSA:2020-4550:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4550:01 advisory. libqb: Insecure treatment of IPC temporary files CVE-2019-12779 Tenable has extracted the preceding description block directly from the MiracleLinux security...
CVE-2025-46685
Summary: CVE-2025-46685 affects Dell SupportAssist OS Recovery prior to 5.5.15.1. The issue is a creation of temporary files with insecure permissions, enabling a low-privilege, local attacker to achieve elevation of privileges. The connected sources consistently describe the same impact and affe...
Dell SupportAssist OS Recovery 安全漏洞
Dell SupportAssist OS Recovery is a Dell USA company that provides a recovery environment that contains tools for diagnosing and resolving problems that may occur before the computer boots into the operating system. A security vulnerability exists in Dell SupportAssist OS Recovery versions prior ...
CVE-2025-14614
Insecure Temporary File vulnerability in Altera Quartus Prime Standard Installer SFX on Windows, Altera Quartus Prime Lite Installer SFX on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1...
CVE-2025-14612
Insecure Temporary File vulnerability in Altera Quartus Prime Pro Installer SFX on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1...
CVE-2025-14612
Insecure Temporary File vulnerability in Altera Quartus Prime Pro Installer SFX on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1...
CVE-2025-14614
CVE-2025-14614 concerns an insecure temporary file handling in Altera Quartus Prime installers on Windows (Standard Installer SFX and Lite Installer SFX). The underlying issue is predictable temporary file names used during installation, enabling potential exposure via local access. Affected prod...
CVE-2025-14614 Quartus® Prime Standard and Quartus® Prime Lite Security Advisory
Insecure Temporary File vulnerability in Altera Quartus Prime Standard Installer SFX on Windows, Altera Quartus Prime Lite Installer SFX on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1...
CVE-2025-14614 Quartus® Prime Standard and Quartus® Prime Lite Security Advisory
Insecure Temporary File vulnerability in Altera Quartus Prime Standard Installer SFX on Windows, Altera Quartus Prime Lite Installer SFX on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1...
CVE-2025-14612
The CVE-2025-14612 issue is confirmed in Altera Quartus Prime Pro Installer (SFX) on Windows, caused by the installer using predictable temporary file names. Affected: Quartus Prime Pro versions 24.1 through 25.1.1. Impact categories include risks from insecure temporary file handling. Remediatio...