9 matches found
GHSA-P6RP-MX85-M459 Spring Cloud Contract vulnerable to local information disclosure
In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in...
Caml-light 安全漏洞
Caml-Light is an older, open source lightweight implementation of the core Caml language from the Caml team. Caml-light suffers from a security vulnerability that stems from Caml-light = 0.75 using mktemp insecurely and doing unsafe things in TMP during make install...
UBUNTU-CVE-2014-0047
Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage...
DEBIAN-CVE-2014-0047
Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage...
G-Data DLL Hijacking
Hi @ll, the executable installers of G-Data's "security" products for Windows, available from , allow escalation of privilege! The downloadable executables are self-extractors containing the real executable installer as resource: they create the subdirectory...
Google Chrome Cleanup Tool DLL Hijacking
Hi @ll, Google's softwareremovaltool.exe alias Chrome Cleanup Tool loads and executes several DLLs from its "application directory" during runtime: Windows XP: SetupAPI.dll, NTMarta.dll, ClbCatQ.dll, SRClient.dll, UXTheme.dll, RASAPI32.dll, HNetCfg.dll, IPHlpAPI.dll, RASAdHlp.dll, XPSP2Res.dll,...
Trend Micro DLL Hijacking
Hi @ll, TrendMicroMAX10.0US-enDownloader.exe available from loads and executes ProfAPI.dll and UXTheme.dll and other DLLs too eventually found in the directory it is started from the "application directory". For software downloaded with a web browser the application directory is typically the...
Fedora Core 12 FEDORA-2009-13181 (coreutils)
The remote host is missing an update to coreutils announced via advisory FEDORA-2009-13181. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...
Fedora 11 : coreutils-7.2-5.fc11 (2009-13216)
CVE-2009-4135 : Unsafe temporary directory use in 'distcheck' rule Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...