78 matches found
Unity Linux 20.1070e Security Update: jersey (UTSA-2026-016750)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016750 advisory. Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFil...
MiracleLinux 8 : postgresql-jdbc-42.2.14-2.el8 (AXSA:2023-5995:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5995:03 advisory. postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions CVE-2022-41946 Tenable has extracted the preceding...
PT-2026-2465
Name of the Vulnerable Software and Affected Versions Dell SupportAssist OS Recovery versions prior to 5.5.15.1 Description Dell SupportAssist OS Recovery contains a flaw related to the creation of temporary files with insecure permissions. A local attacker with low privileges could potentially...
PT-2026-2466
Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2020-10237
An issue was discovered in Froxlor through 0.10.15. The installer wrote configuration parameters including passwords into files in /tmp, setting proper permissions only after writing the sensitive data. A local attacker could have disclosed the information if he read the file at the right time,...
Adobe Creative Cloud Desktop Application Denial of Service Vulnerability (CNVD-2026-10898)
Adobe Creative Cloud Desktop Application is a suite of applications for managing applications and services in the Creative Cloud Membership Management Center from Adobe USA. The program supports synchronizing and sharing files, managing fonts, and accessing asset libraries for commercial...
Adobe Creative Cloud Desktop 安全漏洞
Adobe Creative Cloud Desktop Application is a suite of applications for managing applications and services in the Creative Cloud Membership Management Center from Adobe USA. The program supports synchronizing and sharing files, managing fonts, and accessing asset libraries for commercial...
EUVD-2002-1949
Malware in sbrugna...
EUVD-2021-12213
Malware in sbrugna...
EUVD-2008-4394
Malware in sbrugna...
EUVD-2021-0549
Malware in sbrugna...
EUVD-2023-25779
Malicious code in bioql PyPI...
EUVD-2022-0160
Malicious code in bioql PyPI...
EUVD-2025-23870
Malicious code in bioql PyPI...
OESA-2025-2296 apache-mime4j security update
Java stream based MIME message parser. Security Fixes: Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions. We recommend users to...
Mihomo Party 安全漏洞
Mihomo Party is a web proxy tool from the Chinese company Mihomo Party. A security vulnerability exists in Mihomo Party 1.8.1 and earlier versions, which stems from improperly set permissions on temporary files and could lead to a local attack...
CVE-2025-38747
Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contain a Creation of Temporary File With Insecure Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to Elevation of Privileges...
Information Disclosure
org.codelibs.fess, fess is vulnerable to Information Disclosure. The vulnerability is due to insecure temporary file creation by the use of createTempFile without setting restrictive permissions, which allows an attacker with local access to read sensitive data from these files...
Fess has Insecure Temporary File Permissions
Summary Fess an open-source Enterprise Search Server creates temporary files without restrictive permissions, which may allow local attackers to read sensitive information from these temporary files. Details The createTempFile method in org.codelibs.fess.helper.SystemHelper creates temporary file...
CVE-2025-48382 Fess has Insecure Temporary File Permissions
Fess is a deployable Enterprise Search Server. Prior to version 14.19.2, the createTempFile method in org.codelibs.fess.helper.SystemHelper creates temporary files without explicitly setting restrictive permissions. This could lead to potential information disclosure, allowing unauthorized local...