30 matches found
CVE-2025-53919
An issue was discovered in the Portrait Dell Color Management application through 3.3.008 for Dell monitors, It creates a temporary folder, with weak permissions, during installation and uninstallation. A low-privileged attacker with local access could potentially exploit this, leading to elevati...
Portrait Displays Dell Color Management 安全漏洞
Portrait Displays Dell Color Management is a color management software from Portrait Displays USA. A security vulnerability exists in Portrait Displays Dell Color Management version 3.3.008 and prior versions, which stems from the creation of temporary folders with weak permissions during...
EUVD-2021-0893
Malware in sbrugna...
CVE-2021-21428
Openapi generator is a java tool which allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the code generation...
CVE-2024-9500
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management...
The vulnerability of the “Avora” operating system’s isolation component, which stems from the lack of control over application permissions, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the “Avora” operating system’s isolation component is related to the lack of control over permissions for applications accessing temporary folders. Exploiting this vulnerability can lead to breaches of data confidentiality, integrity, and accessibility...
PT-2024-6134 · Аврора · Аврора
Name of the Vulnerable Software and Affected Versions: Аврора affected versions not specified Description: The issue is related to a lack of permission control for applications accessing temporary folders in the "Аврора" operating system isolation component. Exploitation of this issue can lead to...
CVE-2023-29081
A vulnerability has been reported in Suite Setups built with versions prior to InstallShield 2023 R2. This vulnerability may allow locally authenticated users to cause a Denial of Service DoS condition when handling move operations on local, temporary folders...
Design/Logic Flaw
A vulnerability has been reported in Suite Setups built with versions prior to InstallShield 2023 R2. This vulnerability may allow locally authenticated users to cause a Denial of Service DoS condition when handling move operations on local, temporary folders...
Juniper Junos OS Multiple Vulnerabilities (JSA70587)
The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA70587 advisory. - An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based...
CVE-2023-28962
An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to upload arbitrary files to temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to...
CVE-2023-28963
An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to read arbitrary files from temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to...
CVE-2023-28963
An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to read arbitrary files from temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to...
CVE-2023-28962
An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to upload arbitrary files to temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to...
Authentication flaw
An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to upload arbitrary files to temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to...
kotlin: vulnerable Java API was used for temporary file and folder creation which could result in information disclosure
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions...
SAP Business One Information Disclosure Vulnerability (CNVD-2022-58480)
SAP Business One is a suite of enterprise management software from SAP, a German company. The software includes financial management, operations management and human resources management functions.SAP Business One Chef cookbook contains an information disclosure vulnerability that could be...
CVE-2021-27613
Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an attacker to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restricted, which could lead to...
Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator
Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. This...
GHSA-23X4-M842-FMWF Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator
Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. This...