CVE-2021-36880

Unauthenticated SQL Injection SQLi vulnerability in WordPress uListing plugin versions = 2.0.3, vulnerable parameter: custom...

Pornhub: XSS via JavaScript evaluation of an attacker controlled resource at www.pornhub.com

The researcher was able to execute arbitrary JavaScript code within the scope of the target domain by exploiting a reflected cross-site scripting vulnerability in a custom library...

HawtJNI: predictable temporary file name leading to local arbitrary code execution

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...

Updated hawtjni packages fix security vulnerability

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp/ when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJ...

DEBIAN-CVE-2013-2035

Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp...

MySQL < 4.0.24 / 4.1.10a Multiple Vulnerabilities

The remote host is running a version of MySQL which older than version 4.0.24 or 4.1.10a. Such versions are potentially affected by multiple issues. - MySQL uses predictable file names when creating temporary tables, which allows local users with 'CREATE TEMPORARY TABLE' privileges to overwrite...