39 matches found

Cvelist
added 11 hours ago · 7 views

CVE-2026-41001 Predictable Temp Directory in Artemis Auto-configuration

Spring Boot's ArtemisEmbeddedConfigurationFactory uses a fixed, static path for the embedded Artemis message broker's data directory when no explicit path is configured. A local attacker on the same host can pre-create this predictable directory or place a symlink before the application starts...

5.3 CVSS
Exploits 0 · References 1
Debian CVE
added 2026/05/26 12:0 a.m. · 10 views

CVE-2026-48693

FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via predictable file paths in /tmp. The statistics file path defaults to '/tmp/fastnetmon.dat' src/fastnetmon.cpp line 159. The printscreencontentsintofile function src/fastnetmonlogic.cpp line 2186 opens this path...

5.5 CVSS · 5.9 AI score · 0.00026 EPSS
Exploits 0
Veracode
added 2025/11/14 4:38 a.m. · 4 views

Insecure Temporary File Usage

llama-index-core is vulnerable to Insecure Temporary File Usage. The vulnerability is due to the use of a predictable hardcoded cache directory /tmp/llamaindex in getcachedir, where attackers on multi-user Linux systems can steal cached model data, poison embeddings, or exploit symlink race...

7.3 CVSS · 6.9 AI score · 0.00021 EPSS
Exploits 0 · References 4 · Affected Software 1
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-3190

Malicious code in bioql PyPI...

6.7 CVSS · 7.2 AI score · 0.0006 EPSS
Exploits 0 · References 6
Snyk
added 2025/09/27 5:43 p.m. · 1 view

Creation of Temporary File With Insecure Permissions

Overview llama-index-core is an Interface between LLMs and your data Affected versions of this package are vulnerable to Creation of Temporary File With Insecure Permissions via the getcachedir function, which uses a predictable and hardcoded directory path /tmp/llamaindex without proper security...

8.4 CVSS · 6.9 AI score · 0.00021 EPSS
Exploits 0 · References 2
OSV
added 2025/09/27 5:15 p.m. · 3 views

CVE-2025-7647

The llama-index-core package, up to version 0.12.44, contains a vulnerability in the getcachedir function where a predictable, hardcoded directory path /tmp/llamaindex is used on Linux systems without proper security controls. This vulnerability allows attackers on multi-user systems to steal...

7.3 CVSS · 6.9 AI score
Exploits 0 · References 2
Positive Technologies
added 2025/09/27 12:0 a.m. · 3 views

PT-2025-39733

Name of the Vulnerable Software and Affected Versions llama-index-core versions through 0.12.44 Description The software has an issue in the get cache dir function due to the use of a predictable, hardcoded directory path /tmp/llama index on Linux systems without sufficient security measures. Thi...

7.3 CVSS · 7.4 AI score · 0.00021 EPSS
Exploits 0 · References 10
Tenable Nessus
added 2025/09/03 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-34049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an...

6.7 CVSS · 7 AI score · 0.0006 EPSS
Exploits 0 · References 2
SUSE CVE
added 2025/02/14 6:24 a.m. · 2 views

SUSE CVE-2023-34049

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

8.4 CVSS · 7.2 AI score · 0.0006 EPSS
Exploits 0 · References 18
Github Security Blog
added 2024/11/14 6:30 a.m. · 13 views

Salt preflight script could be attacker controlled

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7 CVSS · 6.7 AI score · 0.0006 EPSS
Exploits 0 · References 5 · Affected Software 1
CVE
added 2024/06/19 12:0 a.m. · 42 views

CVE-2024-34990

CVE-2024-34990 affects the PrestaShop FME Modules Help Desk – Customer Support Management System up to version 2.4.0. The vulnerability arises from allowing PHP file uploads via HelpdeskHelpdeskModuleFrontController::submitTicket() and HelpdeskHelpdeskModuleFrontController::replyTicket(), upload...

10 CVSS · 7.2 AI score · 0.0038 EPSS
Exploits 0 · References 1
Positive Technologies
added 2024/06/19 12:0 a.m. · 2 views

PT-2024-26280 · Unknown · Help Desk - Customer Support Management System

Name of the Vulnerable Software and Affected Versions: Help Desk - Customer Support Management System versions up to 2.4.0 Description: The issue allows a customer to upload .php files. Methods HelpdeskHelpdeskModuleFrontController::submitTicket and...

10 CVSS · 7.3 AI score · 0.0038 EPSS
Exploits 0 · References 3
Github Security Blog
added 2024/05/28 5:21 p.m. · 11 views

silverstripe/userforms file upload exposure on UserForms module

The userforms module allows CMS administrators to create public facing forms with file upload abilities. These files are uploaded into a predictable public path on the website, unless configured otherwise by the CMS administrator setting up the form. While the name of the uploaded file itself is...

7 AI score
Exploits 0 · References 3 · Affected Software 1
Tenable Nessus
added 2023/10/16 12:0 a.m. · 31 views

Ubuntu 18.04 ESM : Bundler vulnerability (USN-4870-1)

The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4870-1 advisory. It was discovered that Bundler incorrectly created directories with insecure permissions in /tmp. An attacker could write malicious libraries to this location for...

7.8 CVSS · 7.2 AI score · 0.00151 EPSS
Exploits 0 · References 2
OSV
added 2023/05/30 4:15 a.m. · 12 views

CVE-2023-34204

imapsync through 2.229 uses predictable paths under /tmp and /var/tmp in its default mode of operation. Both of these are typically world-writable, and thus for example an attacker can modify imapsync's cache and overwrite files belonging to the user who runs it...

6.5 CVSS · 7.1 AI score
Exploits 0 · References 1
Positive Technologies
added 2023/01/01 12:0 a.m. · 2 views

PT-2023-24655 · Salt-Ssh +3 · Salt-Ssh +3

Name of the Vulnerable Software and Affected Versions: Salt-SSH affected versions not specified Description: The issue concerns a predictable script path in the Salt-SSH pre-flight option, allowing an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and...

8.1 CVSS · 7.2 AI score · 0.0095 EPSS
Exploits 1 · References 94
ATTACKERKB
added 2022/09/09 1:15 a.m. · 1 view

CVE-2022-40299

In Singular before 4.3.1, a predictable /tmp pathname is used e.g., by sdb.cc, which allows local users to gain the privileges of other users via a procedure in a file under /tmp. NOTE: this CVE Record is about sdb.cc and similar files in the Singular interface that have predictable /tmp pathname...

7.8 CVSS · 7.1 AI score · 0.00069 EPSS
Exploits 1 · References 4
CNNVD
added 2022/09/09 12:0 a.m. · 3 views

Singular Security Feature Problem Vulnerability

Singular is a computer algebra system for polynomial computation open-sourced by Singular in Germany. A security vulnerability exists in versions of Singular prior to 4.3.1 that stems from its use of a predictable /tmp pathname e.g., sdb.cc, which allows a local user to gain privileges from other...

7.8 CVSS · 7.3 AI score · 0.00069 EPSS
Exploits 1 · References 4
RedhatCVE
added 2022/05/21 12:17 a.m. · 29 views

CVE-2019-13226

deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/block-dev-basename in the Helper::temporaryMountDevice function to temporarily mount a file system as root. An unprivileged user can prepare a symlink at this location to have the file system mounted in an arbitrary...

7 CVSS · 2.1 AI score · 0.00035 EPSS
Exploits 0 · References 2
OSV
added 2021/11/05 11:3 a.m. · 1 view

OESA-2021-1419 rubygem-bundler security update

Bundler manages an application's dependencies through its entire life, across many machines, systematically and repeatably. Security Fixes: Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home...

7.8 CVSS · 7 AI score · 0.00151 EPSS
Exploits 0 · References 2