8 matches found
CVE-2026-2817
CVE-2026-2817 affects Spring Data Geode. The issue arises from using an insecure directory during snapshot imports: archives are extracted to predictable, overly permissive locations in the system temp directory. On shared hosts, a local user with basic privileges can access another user’s extrac...
CVE-2025-12648
The WP-Members Membership Plugin for WordPress is vulnerable to unauthorized file access in versions up to, and including, 3.5.4.4. This is due to storing user-uploaded files in predictable directories wp-content/uploads/wpmembers/userfiles// without implementing proper access controls beyond bas...
CVE-2025-12648 WP-Members Membership Plugin <= 3.5.4.4 - Unauthenticated Information Exposure via Unprotected Files
The WP-Members Membership Plugin for WordPress is vulnerable to unauthorized file access in versions up to, and including, 3.5.4.4. This is due to storing user-uploaded files in predictable directories wp-content/uploads/wpmembers/userfiles// without implementing proper access controls beyond bas...
CVE-2025-12648 WP-Members Membership Plugin <= 3.5.4.4 - Unauthenticated Information Exposure via Unprotected Files
The WP-Members Membership Plugin for WordPress is vulnerable to unauthorized file access in versions up to, and including, 3.5.4.4. This is due to storing user-uploaded files in predictable directories wp-content/uploads/wpmembers/userfiles// without implementing proper access controls beyond bas...
CVE-2020-10870
Zim through 0.72.1 creates temporary directories with predictable names. A malicious user could predict and create Zim's temporary directories and prevent other users from being able to start Zim, resulting in a denial of service...
CVE-2008-1796
Comix 3.6.4 creates temporary directories with predictable names, which allows local users to cause an unspecified denial of service...
Fedora Core 2 : kdelibs-3.2.2-8.FC2 (2004-291)
Andrew Tuitt reported that versions of KDE up to and including 3.2.3 create temporary directories with predictable names. A local attacker could prevent KDE applications from functioning correctly, or overwrite files owned by other users by creating malicious symlinks. The Common Vulnerabilities...
CVE-2003-0596
FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time...