159 matches found
CVE-2022-21126 Creation of Temporary File in Directory with Insecure Permissions
The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it...
CVE-2022-21126 Creation of Temporary File in Directory with Insecure Permissions
The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it...
SUSE: Security Advisory (SUSE-SU-2022:4022-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:4022-1 Security update for ant
This update for ant fixes the following issues: - CVE-2020-1945: Fixed insecure temporary file vulnerability bsc1171696. - CVE-2020-11979: Fixed issue introduced with fix for CVE-2020-1945 bsc1177180...
CVE-2022-41553 Information Exposure Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer
Insertion of Sensitive Information into Temporary File vulnerability in Hitachi Infrastructure Analytics Advisor on Linux Analytics probe component, Hitachi Ops Center Analyzer on Linux Hitachi Ops Center Analyzer probe component allows local users to gain sensitive information. This issue affect...
CVE-2021-46705
A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2...
Debian DSA-4950-1 : ansible - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4950 advisory. Several vulnerabilities have been found in Ansible, a configuration management, deployment and task execution system, which could result in information disclosure...
CVE-2021-23892
By exploiting a time of check to time of use TOCTOU race condition during the Endpoint Security for Linux Threat Prevention and Firewall ENSL TP/FW installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitrar...
openSUSE Security Update : ant (openSUSE-2020-1022)
This update for ant fixes the following issues : - CVE-2020-1945: Fixed an inseure temorary file vulnerability which could have potentially leaked sensitive information bsc1171696. This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable Network Security, Inc. The...
SUSE-SU-2020:1944-1 Security update for ant
This update for ant fixes the following issues: - CVE-2020-1945: Fixed an inseure temorary file vulnerability which could have potentially leaked sensitive information bsc1171696...
CVE-2020-1994
The connected advisories confirm CVE-2020-1994 in PAN-OS: a predictable temporary file vulnerability exploitable by a local authenticated user with shell access, allowing corruption of arbitrary system files and compromising integrity. Affected: PAN-OS 7.1 and 8.0; PAN-OS 8.1 prior to 8.1.13; PAN...
CVE-2020-1991
An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect...
CVE-2014-5254
xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files...
CVE-2011-2924
foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileg...
CVE-2011-2923
foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges ...
CVE-2013-4374
An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files...
CVE-2013-4280
Insecure temporary file vulnerability in RedHat vsdm 4.9.6...
Red Hat OpenShift Input Validation Error Vulnerability
Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that supports building, testing, deploying and running applications. An input validation error vulnerability in the cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh file in Red Hat...
CVE-2013-0178
Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm...
Information Disclosure
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when...