CVE-2026-20204 Improper Handling and Insufficient Isolation of Specific Temporary Files in Splunk Enterprise

In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.5, 10.2.2510.9, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the admin or power Splunk roles could potentially perform ...

PT-2026-33066

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.2.1 Splunk Enterprise versions prior to 10.0.5 Splunk Enterprise versions prior to 9.4.10 Splunk Enterprise versions prior to 9.3.11 Splunk Cloud Platform versions prior to 10.4.2603.0 Splunk Cloud Platfo...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple for Mac computers. A security vulnerability exists in Apple macOS, which stems from improper handling of temporary files, and can be exploited by an attacker to cause an application to access sensitive user data...

macOS 26.x < 26.3 Multiple Vulnerabilities (126348)

The remote host is running a version of macOS / Mac OS X that is 26.x prior to 26.3. It is, therefore, affected by multiple vulnerabilities: - A race condition was addressed with improved handling of symbolic links. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS 18.7.5 and iPad...

CVE-2023-40438

An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14, iOS 16.7 and iPadOS 16.7. An app may be able to access edited photos saved to a temporary directory...

CVE-2025-33028

In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this...

CVE-2025-33026

CVE-2025-33026 affects PeaZip up to version 10.4.0. The vulnerability is a Mark-of-the-Web bypass in the handling of archived files: when extracting files from a crafted archive that bears MOTW, PeaZip does not propagate MOTW to the extracted files, which can allow arbitrary code execution in the...

CVE-2024-40844

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to observe data displayed to the user by Shortcuts...

CVE-2024-44181

The CVE-2024-44181 entry concerns macOS: an issue in handling of temporary files could allow an app to read sensitive location information. Affected products/versions are macOS Ventura 13.7, macOS Sonoma 14.7, and macOS Sequoia 15. The root cause is improved handling of temporary files (as descri...

Node.js 安全漏洞

Node.js is an open source, cross-platform JavaScript runtime environment. A security vulnerability exists in Node.js versions 22.x, 20.x, and 18.x that stems from improper handling of batch files with all possible extensions, which can lead to arbitrary command injection as well as code execution...

CVE-2024-27845

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.5 and iPadOS 17.5. An app may be able to access Notes attachments...

USN-6783-1 vlc vulnerabilities

It was discovered that VLC incorrectly handled certain media files. A remote attacker could possibly use this issue to cause VLC to crash, resulting in a denial of service, or potential arbitrary code execution...

CVE-2023-42896

An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Sonoma 14.2. An app may be able to modify protected parts of the file system...

CVE-2024-23287

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to access user-sensitive data...

Apple macOS Sonoma Security Vulnerability

Apple macOS Sonoma is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sonoma version 14.2, which arises from the handling of maliciously crafted files that could result in the unexpected termination of an application or arbitrary cod...

USN-6310-1 json-c vulnerability

It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

Emby Server Cross-Site Scripting Vulnerability

Emby Server is a personal media server software that supports storing, managing, and streaming personal media content with support for multiple device access. A cross-site scripting vulnerability exists in Emby Server. The vulnerability stems from some unknown handling of files/web/ and no detail...

macOS 13.x < 13.4 Multiple Vulnerabilities (HT213758)

The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.4. It is, therefore, affected by multiple vulnerabilities: - In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user- provided environment variables SUDOEDITOR, VISUAL, and...

SUSE-SU-2023:0103-1 Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issues: - CVE-2022-41946: Fixed a local information disclosure issue due to improper handling of temporary files bsc1206921...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...