Lucene search
K

159 matches found

Vulnrichment
Vulnrichment
added 2022/11/29 4:50 p.m.5 views

CVE-2022-21126 Creation of Temporary File in Directory with Insecure Permissions

The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it...

7.3CVSS7.6AI score0.00699EPSS
Exploits1References3
OSV
OSV
added 2022/11/29 4:50 p.m.13 views

CVE-2022-21126 Creation of Temporary File in Directory with Insecure Permissions

The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it...

7.3CVSS7.1AI score0.00699EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/11/17 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2022:4022-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.08235EPSS
Exploits0References5
OSV
OSV
added 2022/11/16 3:8 p.m.5 views

SUSE-SU-2022:4022-1 Security update for ant

This update for ant fixes the following issues: - CVE-2020-1945: Fixed insecure temporary file vulnerability bsc1171696. - CVE-2020-11979: Fixed issue introduced with fix for CVE-2020-1945 bsc1177180...

7.5CVSS7AI score0.08235EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2022/11/01 2:11 a.m.3 views

CVE-2022-41553 Information Exposure Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer

Insertion of Sensitive Information into Temporary File vulnerability in Hitachi Infrastructure Analytics Advisor on Linux Analytics probe component, Hitachi Ops Center Analyzer on Linux Hitachi Ops Center Analyzer probe component allows local users to gain sensitive information. This issue affect...

6.5CVSS6.8AI score0.00173EPSS
Exploits0References1
OSV
OSV
added 2022/03/16 10:15 a.m.10 views

CVE-2021-46705

A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2...

4.4CVSS5.9AI score0.00236EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2021/08/07 12:0 a.m.40 views

Debian DSA-4950-1 : ansible - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4950 advisory. Several vulnerabilities have been found in Ansible, a configuration management, deployment and task execution system, which could result in information disclosure...

7.9CVSS6.7AI score0.02043EPSS
Exploits6References39
Cvelist
Cvelist
added 2021/05/12 9:5 a.m.17 views

CVE-2021-23892

By exploiting a time of check to time of use TOCTOU race condition during the Endpoint Security for Linux Threat Prevention and Firewall ENSL TP/FW installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitrar...

8.2CVSS8.6AI score0.00197EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/07/21 12:0 a.m.31 views

openSUSE Security Update : ant (openSUSE-2020-1022)

This update for ant fixes the following issues : - CVE-2020-1945: Fixed an inseure temorary file vulnerability which could have potentially leaked sensitive information bsc1171696. This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable Network Security, Inc. The...

6.3CVSS7.1AI score0.01793EPSS
Exploits0References2
OSV
OSV
added 2020/07/17 11:50 a.m.7 views

SUSE-SU-2020:1944-1 Security update for ant

This update for ant fixes the following issues: - CVE-2020-1945: Fixed an inseure temorary file vulnerability which could have potentially leaked sensitive information bsc1171696...

6.3CVSS6.8AI score0.01793EPSS
Exploits0References3
CVE
CVE
added 2020/05/13 7:7 p.m.77 views

CVE-2020-1994

The connected advisories confirm CVE-2020-1994 in PAN-OS: a predictable temporary file vulnerability exploitable by a local authenticated user with shell access, allowing corruption of arbitrary system files and compromising integrity. Affected: PAN-OS 7.1 and 8.0; PAN-OS 8.1 prior to 8.1.13; PAN...

4.9CVSS4.5AI score0.00236EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2020/04/08 7:15 p.m.9 views

CVE-2020-1991

An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect...

7.1CVSS7.1AI score0.00277EPSS
Exploits0References1
OSV
OSV
added 2019/11/21 11:15 p.m.8 views

CVE-2014-5254

xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files...

4.7CVSS6.8AI score0.00344EPSS
Exploits1References8
OSV
OSV
added 2019/11/19 10:15 p.m.10 views

CVE-2011-2924

foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileg...

5.5CVSS6.5AI score0.00434EPSS
Exploits0References8
OSV
OSV
added 2019/11/19 9:15 p.m.7 views

CVE-2011-2923

foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges ...

5.5CVSS6.5AI score0.00402EPSS
Exploits0References6
NVD
NVD
added 2019/11/04 10:15 p.m.28 views

CVE-2013-4374

An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files...

7.1CVSS6.9AI score0.00309EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/11/04 6:50 p.m.22 views

CVE-2013-4280

Insecure temporary file vulnerability in RedHat vsdm 4.9.6...

5.5AI score0.00422EPSS
Exploits1References3
CNVD
CNVD
added 2019/11/04 12:0 a.m.2 views

Red Hat OpenShift Input Validation Error Vulnerability

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that supports building, testing, deploying and running applications. An input validation error vulnerability in the cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh file in Red Hat...

7.5CVSS6.9AI score0.00813EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2019/11/01 7:15 p.m.4 views

CVE-2013-0178

Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm...

5.5CVSS5.5AI score0.00415EPSS
Exploits0References7Affected Software1
Veracode
Veracode
added 2019/05/02 5:2 a.m.26 views

Information Disclosure

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when...

10CVSS8.5AI score0.07571EPSS
Exploits0References16Affected Software2
Rows per page
Query Builder