21 matches found
Siemens SCALANCE X-200RNA Switch Devices has an unspecified vulnerability
The SCALANCE X-204RNA Industrial Ethernet Access Point enables non-PRP endpoint devices to connect to a separate parallel network as needed. A security vulnerability exists in Siemens SCALANCE X-200RNA Switch Devices due to the web server of the affected device calculating session IDs and random...
GHSA-XHJ7-JR45-5W8R Apache OpenMeetings updates user password in insecure manner
Apache OpenMeetings 1.0.0 updates user password in insecure manner. This issue is fixed in version 3.3.0...
Apache OpenMeetings updates user password in insecure manner
Apache OpenMeetings 1.0.0 updates user password in insecure manner. This issue is fixed in version 3.3.0...
Arbitrary File Overwrite
Openswan is vulnerable to arbitrary file overwrite. The vulnerability exists because Openswan's livetest script created temporary files in an insecure manner. A local attacker could use this flaw to overwrite arbitrary files owned by the user running the script...
Race condition
log.c in Squid Analysis Report Generator sarg through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and...
CVE-2012-1105
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner...
NREL BEopt <= 2.8.0.0 RCE Vulnerability
NREL BEopt is prone to a remote code execution (RCE) vulnerability...
CVE-2018-7518
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner...
Information disclosure
Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner...
Humhub Insecure Password Validation / Reset
Humhub insecure password validation and reset design + Discovered by: Jos Wetzels + Affects: Humhub password == $this-hashPassword$password Here a hash of the user-supplied password gets compared to the stored hash in an insecure manner, since PHP's loose type comparison operators compare only...
ALFTP Insecure Executable File Loading Vulnerability
This host is installed with ALFTP and is prone to insecure executable file loading vulnerability...
Lhaplus Untrusted search path Vulnerability
This host is installed with Lhaplus and is prone to untrusted search path vulnerability...
Gentoo Security Advisory GLSA 200507-22 (sandbox)
The remote host is missing updates announced in advisory GLSA 200507-22...
GLSA-200809-08 : Amarok: Insecure temporary file creation
The remote host is affected by the vulnerability described in GLSA-200809-08 Amarok: Insecure temporary file creation Dwayne Litzenberger reported that the MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp uses the albuminfo.xml temporary file in an insecure...
Debian: Security Advisory (DSA-160)
The remote host is missing an update for the Debian...
Ubuntu 4.10 : apache vulnerabilities (USN-65-1)
Javier Fernandez-Sanguino Pena noticed that the 'checkforensic' script created temporary files in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program. Note that Tenable Network Security has extract...
Mandrake Linux Security Advisory : tkcvs (MDKSA-2006:001)
Javier Fernandez-Sanguino Pena discovered that tkdiff created temporary files in an insecure manner. The updated packages have been patched to correct these problems...
net-snmp -- fixproc insecure temporary file creation
A Gentoo advisory reports: Net-SNMP creates temporary files in an insecure manner, possibly allowing the execution of arbitrary code. A malicious local attacker could exploit a race condition to change the content of the temporary files before they are executed by fixproc, possibly leading to the...
CVE-2005-1335
Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."...