Lucene search
+L

17 matches found

nvd
nvd
added yesterday6 views

CVE-2026-62294

Flameshot is powerful yet simple to use screenshot software. Prior to 14.0.0, the Open With feature wrote screenshots to a predictable temporary path and followed symlinks, creating a time-of-check to time-of-use race that allowed a local unprivileged attacker on the same machine to pre-plant a...

5.1CVSS
Exploits0References4
cve
cve
added yesterday7 views

CVE-2026-62294

Flameshot prior to 14.0.0 is affected by a local TOCTOU race in the Open With feature. The software wrote screenshots to a predictable temporary path and followed symlinks, enabling a local unprivileged user on the same machine to pre-plant a symlink and cause Flameshot to write PNG data through ...

5.1CVSS6.1AI score
Exploits0References4
euvd
euvd
added yesterday4 views

EUVD-2026-44675

Flameshot is powerful yet simple to use screenshot software. Prior to 14.0.0, the Open With feature wrote screenshots to a predictable temporary path and followed symlinks, creating a time-of-check to time-of-use race that allowed a local unprivileged attacker on the same machine to pre-plant a...

5.1CVSS6.1AI score
Exploits0References4
cvelist
cvelist
added yesterday25 views

CVE-2026-62294 Flameshot: OCTOU symlink attack via predictable /tmp path in Flameshot "Open With"

Flameshot is powerful yet simple to use screenshot software. Prior to 14.0.0, the Open With feature wrote screenshots to a predictable temporary path and followed symlinks, creating a time-of-check to time-of-use race that allowed a local unprivileged attacker on the same machine to pre-plant a...

5.1CVSS
Exploits0References4
github
github
added 2026/05/08 6:43 p.m.14 views

Electerm Security Vulnerability: RCE via malicious SSH server filename in openFileWithEditor

Impact A code execution RCE vulnerability exists in electerm's SFTP open with system editor or "Edit with custom editor" feature. When a user opts to edit a file using open with system editor or open with a custom editor, the filename is passed directly into a command line without sanitization. A...

7.8CVSS6.3AI score0.00167EPSS
Exploits0References5Affected Software1
vulnrichment
vulnrichment
added 2026/05/08 2:55 a.m.7 views

CVE-2026-43943 electerm: RCE via malicious SSH server filename in openFileWithEditor

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.7.9, a code execution RCE vulnerability exists in electerm's SFTP open with system editor or "Edit with custom editor" feature. When a user opts to edit a file using open with system edito...

7.8CVSS6.3AI score0.00167EPSS
Exploits0References3
osv
osv
added 2026/05/08 2:55 a.m.4 views

CVE-2026-43943 electerm: RCE via malicious SSH server filename in openFileWithEditor

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.7.9, a code execution RCE vulnerability exists in electerm's SFTP open with system editor or "Edit with custom editor" feature. When a user opts to edit a file using open with system edito...

7.8CVSS6.4AI score0.00167EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/05/01 12:0 a.m.13 views

PT-2026-39629

Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions prior to 9.15 Description A symbolic-link path traversal issue exists in the pgAdmin 4 File Manager. The check access permission function utilized os.path.abspath, which resolves parent directory references '..' but fails to...

8.5CVSS7AI score0.00359EPSS
Exploits0References13
cve
cve
added 2025/09/15 2:3 p.m.21 views

CVE-2023-53167

CVE-2023-53167: In the Linux kernel, tracing_err_log_open() can dereference file->private_data if opened with write permissions and then lseek is used, causing a kernel panic via mutex_lock -> seq_lseek. A fix was applied to tracing: Fix null pointer dereference in tracing_err_log_open() fo...

5.5CVSS6.1AI score0.00146EPSS
Exploits0References6Affected Software1
mskb
mskb
added 2024/06/25 12:0 a.m.8 views

June 25, 2024—KB5039299 (OS Build 19045.4598) Preview

None None...

6.1AI score
Exploits0
opensuse
opensuse
added 2020/06/10 12:0 a.m.46 views

Security update for xawtv (moderate)

openSUSE Security Update: Security update for xawtv Announcement ID: openSUSE-SU-2020:0787-1 Rating: moderate References: 1171655 Cross-References: CVE-2020-13696 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update for...

4.4CVSS4.7AI score0.00355EPSS
Exploits0References1
openvas
openvas
added 2018/06/25 12:0 a.m.18 views

Microsoft Windows: Turn off access to the Store

This policy setting specifies whether to use the Store service for finding an application to open a file with an unhandled file type or protocol association. When a user opens a file type or protocol that is not associated with any applications on the computer, the user is given the choice to...

7AI score
Exploits0References2
seebug
seebug
added 2014/07/01 12:0 a.m.26 views

Firefox 3.5.3 - Local Download Manager Temp File Creation

No description provided by source. / getunique.c AKA Mozilla Firefox 3.5.3 Local Download Manager Exploit Jeremy Brown [email protected] // jbrownsec.blogspot.com // krakowlabs.com 10.28.2009 When downloading files through Firefox and choosing the Open with option, Firefox will create a...

7.1AI score
Exploits0
seebug
seebug
added 2009/10/28 12:0 a.m.31 views

Firefox 3.5.3 local download manager temp file creation

No description provided by source. / getunique.c AKA Mozilla Firefox 3.5.3 Local Download Manager Exploit Jeremy Brown [email protected] // jbrownsec.blogspot.com // krakowlabs.com 10.28.2009 When downloading files through Firefox and choosing the "Open with" option, Firefox will create a...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2009/10/28 12:0 a.m.34 views

Mozilla Firefox 3.5.3 - Local Download Manager Temp File Creation

/ getunique.c AKA Mozilla Firefox 3.5.3 Local Download Manager Exploit Jeremy Brown [email protected] // jbrownsec.blogspot.com // krakowlabs.com 10.28.2009 When downloading files through Firefox and choosing the "Open with" option, Firefox will create a temporary file in the form of RANDOM.pa...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2009/10/28 12:0 a.m.32 views

Mozilla Firefox 3.5.3 - Local Download Manager Temp File Creation

Mozilla Firefox 3.5.3 - Local Download Manager Temp File Creation / getunique.c AKA Mozilla Firefox 3.5.3 Local Download Manager Exploit Jeremy Brown [email protected] // jbrownsec.blogspot.com // krakowlabs.com 10.28.2009 When downloading files through Firefox and choosing the "Open with"...

7.3AI score
Exploits0
zdt
zdt
added 2009/10/28 12:0 a.m.28 views

Firefox 3.5.3 local download manager temp file creation

Exploit for unknown platform in category local exploits ======================================================= Firefox 3.5.3 local download manager temp file creation ======================================================= Title: Firefox 3.5.3 local download manager temp file creation CVE-ID:...

6.8AI score
Exploits0
Rows per page
Query Builder