Lucene search
K

9 matches found

OSV
OSV
added 2024/01/31 9:30 a.m.3 views

GHSA-P6RP-MX85-M459 Spring Cloud Contract vulnerable to local information disclosure

In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in...

3.3CVSS6.1AI score0.00223EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/26 12:0 a.m.5 views

Caml-light 安全漏洞

Caml-Light is an older, open source lightweight implementation of the core Caml language from the Caml team. Caml-light suffers from a security vulnerability that stems from Caml-light = 0.75 using mktemp insecurely and doing unsafe things in TMP during make install...

9.8CVSS8.2AI score0.01831EPSS
Exploits1References4
OSV
OSV
added 2017/10/06 3:29 p.m.7 views

UBUNTU-CVE-2014-0047

Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage...

7.8CVSS5.8AI score0.00388EPSS
Exploits0References3
OSV
OSV
added 2017/10/06 3:29 p.m.2 views

DEBIAN-CVE-2014-0047

Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage...

7.8CVSS7.6AI score0.00388EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2016/04/18 12:0 a.m.32 views

G-Data DLL Hijacking

Hi @ll, the executable installers of G-Data's "security" products for Windows, available from , allow escalation of privilege! The downloadable executables are self-extractors containing the real executable installer as resource: they create the subdirectory...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2016/02/26 12:0 a.m.46 views

Google Chrome Cleanup Tool DLL Hijacking

Hi @ll, Google's softwareremovaltool.exe alias Chrome Cleanup Tool loads and executes several DLLs from its "application directory" during runtime: Windows XP: SetupAPI.dll, NTMarta.dll, ClbCatQ.dll, SRClient.dll, UXTheme.dll, RASAPI32.dll, HNetCfg.dll, IPHlpAPI.dll, RASAdHlp.dll, XPSP2Res.dll,...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/31 12:0 a.m.59 views

Trend Micro DLL Hijacking

Hi @ll, TrendMicroMAX10.0US-enDownloader.exe available from loads and executes ProfAPI.dll and UXTheme.dll and other DLLs too eventually found in the directory it is started from the "application directory". For software downloaded with a web browser the application directory is typically the...

0.1AI score
Exploits0
OpenVAS
OpenVAS
added 2009/12/30 12:0 a.m.24 views

Fedora Core 12 FEDORA-2009-13181 (coreutils)

The remote host is missing an update to coreutils announced via advisory FEDORA-2009-13181. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

4.4CVSS6.4AI score0.00379EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2009/12/18 12:0 a.m.30 views

Fedora 11 : coreutils-7.2-5.fc11 (2009-13216)

CVE-2009-4135 : Unsafe temporary directory use in 'distcheck' rule Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

4.4CVSS5.3AI score0.00379EPSS
Exploits1References3
Rows per page
Query Builder