42 matches found

Cvelist
added 2 days ago · 33 views

CVE-2026-46406 Claude Code: Insecure Temporary File in /copy Command Enables Response Disclosure and Symlink-Based File Write

Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path /tmp/claude/response.md without UID isolation, randomness, or symlink protection. The file was created world-readable 0644 in a world-traversable...

4.4 CVSS · 0.00162 EPSS
Exploits: 0 · References: 1
EUVD
added 2 days ago · 6 views

EUVD-2026-40068

GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a temporary file path based solely on the process ID PID. This predictable filename is created without...

2 CVSS · 5.9 AI score · 0.00117 EPSS
Exploits: 0 · References: 3
Vulnrichment
added 2026/06/11 5:4 a.m. · 9 views

CVE-2026-41001 Predictable Temp Directory in Artemis Auto-configuration

Spring Boot's ArtemisEmbeddedConfigurationFactory uses a fixed, static path for the embedded Artemis message broker's data directory when no explicit path is configured. A local attacker on the same host can pre-create this predictable directory or place a symlink before the application starts...

5.3 CVSS · 5.5 AI score · 0.00094 EPSS
Exploits: 0 · References: 1
Cvelist
added 2026/06/11 5:4 a.m. · 33 views

CVE-2026-41001 Predictable Temp Directory in Artemis Auto-configuration

Spring Boot's ArtemisEmbeddedConfigurationFactory uses a fixed, static path for the embedded Artemis message broker's data directory when no explicit path is configured. A local attacker on the same host can pre-create this predictable directory or place a symlink before the application starts...

5.3 CVSS · 0.00094 EPSS
Exploits: 0 · References: 1
Debian CVE
added 2026/05/26 12:0 a.m. · 12 views

CVE-2026-48693

FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via predictable file paths in /tmp. The statistics file path defaults to '/tmp/fastnetmon.dat' src/fastnetmon.cpp line 159. The printscreencontentsintofile function src/fastnetmonlogic.cpp line 2186 opens this path...

5.5 CVSS · 5.9 AI score · 0.00127 EPSS
Exploits: 0
Veracode
added 2025/11/14 4:38 a.m. · 5 views

Insecure Temporary File Usage

llama-index-core is vulnerable to Insecure Temporary File Usage. The vulnerability is due to the use of a predictable hardcoded cache directory /tmp/llamaindex in getcachedir, where attackers on multi-user Linux systems can steal cached model data, poison embeddings, or exploit symlink race...

7.3 CVSS · 6.9 AI score · 0.00134 EPSS
Exploits: 0 · References: 4 · Affected Software: 1
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2024-3190

Malicious code in bioql PyPI...

6.7 CVSS · 7.2 AI score · 0.00187 EPSS
Exploits: 0 · References: 6
Snyk
added 2025/09/27 5:43 p.m. · 1 views

Creation of Temporary File With Insecure Permissions

Overview: llama-index-core is an Interface between LLMs and your data. Affected versions of this package are vulnerable to Creation of Temporary File With Insecure Permissions via the getcachedir function, which uses a predictable and hardcoded directory path /tmp/llamaindex without proper security...

8.4 CVSS · 6.9 AI score · 0.00134 EPSS
Exploits: 0 · References: 2
OSV
added 2025/09/27 5:15 p.m. · 4 views

CVE-2025-7647

The llama-index-core package, up to version 0.12.44, contains a vulnerability in the getcachedir function where a predictable, hardcoded directory path /tmp/llamaindex is used on Linux systems without proper security controls. This vulnerability allows attackers on multi-user systems to steal...

7.3 CVSS · 6.9 AI score
Exploits: 0 · References: 2
Positive Technologies
added 2025/09/27 12:0 a.m. · 5 views

PT-2025-39733

Name of the Vulnerable Software and Affected Versions: llama-index-core versions through 0.12.44 Description: The software has an issue in the get cache dir function due to the use of a predictable, hardcoded directory path /tmp/llama index on Linux systems without sufficient security measures. Thi...

7.3 CVSS · 7.4 AI score · 0.00134 EPSS
Exploits: 0 · References: 10
Tenable Nessus
added 2025/09/03 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2023-34049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an...

6.7 CVSS · 7 AI score · 0.00187 EPSS
Exploits: 0 · References: 2
SUSE CVE
added 2025/02/14 6:24 a.m. · 4 views

SUSE CVE-2023-34049

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

8.4 CVSS · 7.2 AI score · 0.00187 EPSS
Exploits: 0 · References: 18
Github Security Blog
added 2024/11/14 6:30 a.m. · 15 views

Salt preflight script could be attacker controlled

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7 CVSS · 6.7 AI score · 0.00187 EPSS
Exploits: 0 · References: 5 · Affected Software: 1
CVE
added 2024/06/19 12:0 a.m. · 44 views

CVE-2024-34990

CVE-2024-34990 affects the PrestaShop FME Modules Help Desk – Customer Support Management System up to version 2.4.0. The vulnerability arises from allowing PHP file uploads via HelpdeskHelpdeskModuleFrontController::submitTicket() and HelpdeskHelpdeskModuleFrontController::replyTicket(), upload...

10 CVSS · 7.2 AI score · 0.00514 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2024/06/19 12:0 a.m. · 3 views

PT-2024-26280 · Unknown · Help Desk - Customer Support Management System

Name of the Vulnerable Software and Affected Versions: Help Desk - Customer Support Management System versions up to 2.4.0 Description: The issue allows a customer to upload .php files. Methods HelpdeskHelpdeskModuleFrontController::submitTicket and...

10 CVSS · 7.3 AI score · 0.00514 EPSS
Exploits: 0 · References: 3
Github Security Blog
added 2024/05/28 5:21 p.m. · 12 views

silverstripe/userforms file upload exposure on UserForms module

The userforms module allows CMS administrators to create public facing forms with file upload abilities. These files are uploaded into a predictable public path on the website, unless configured otherwise by the CMS administrator setting up the form. While the name of the uploaded file itself is...

7 AI score
Exploits: 0 · References: 3 · Affected Software: 1
Tenable Nessus
added 2023/10/16 12:0 a.m. · 33 views

Ubuntu 18.04 ESM : Bundler vulnerability (USN-4870-1)

The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4870-1 advisory. It was discovered that Bundler incorrectly created directories with insecure permissions in /tmp. An attacker could write malicious libraries to this location for...

7.8 CVSS · 7.2 AI score · 0.00529 EPSS
Exploits: 0 · References: 2
OSV
added 2023/05/30 4:15 a.m. · 13 views

CVE-2023-34204

imapsync through 2.229 uses predictable paths under /tmp and /var/tmp in its default mode of operation. Both of these are typically world-writable, and thus for example an attacker can modify imapsync's cache and overwrite files belonging to the user who runs it...

6.5 CVSS · 7.1 AI score
Exploits: 0 · References: 1
Positive Technologies
added 2023/01/01 12:0 a.m. · 3 views

PT-2023-24655 · Salt-Ssh +3 · Salt-Ssh +3

Name of the Vulnerable Software and Affected Versions: Salt-SSH affected versions not specified Description: The issue concerns a predictable script path in the Salt-SSH pre-flight option, allowing an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and...

8.1 CVSS · 7.2 AI score · 0.01207 EPSS
Exploits: 1 · References: 94
ATTACKERKB
added 2022/09/09 1:15 a.m. · 2 views

CVE-2022-40299

In Singular before 4.3.1, a predictable /tmp pathname is used e.g., by sdb.cc, which allows local users to gain the privileges of other users via a procedure in a file under /tmp. NOTE: this CVE Record is about sdb.cc and similar files in the Singular interface that have predictable /tmp pathname...

7.8 CVSS · 7.1 AI score · 0.00313 EPSS
Exploits: 1 · References: 4