42 matches found
EUVD-2025-31584
Malicious code in bioql PyPI...
CVE-2025-61659
bash-git-prompt 2.6.1 through 2.7.1 insecurely uses the /tmp/git-index-private$$ file, which has a predictable name...
CVE-2010-2449
Gource through 0.26 logs to a predictable file name /tmp/gource-$UID.tmp, enabling attackers to overwrite an arbitrary file via a symlink attack...
ROS-20250307-01
A vulnerability in the readline.sh component of the socket forwarding utility from the host machine is related to the use of a predictable temporary file name in readline.sh. the use of a predictable temporary file name in readline.sh. Exploitation of the vulnerability could allow an attacker...
CVE-2024-55566
ColPack 1.0.10 through 9a7293a has a predictable temporary file located under /tmp with a name derived from an unseeded RNG. The impact can be overwriting files or making ColPack graphing unavailable to other users...
CVE-2022-26851
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss...
Design/Logic Flaw
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss...
CVE-2022-26851
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss...
CVE-2022-26851
Dell PowerScale OneFS (8.2.2–9.3.x) contains a vulnerability described as a predictable file name from observable state. An unprivileged, remote attacker could exploit it to cause data loss. Affected component/condition corresponds to the observable state of file naming; the exact root cause is d...
CVE-2022-26851
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss...
DEBIAN-CVE-2010-2449
Gource through 0.26 logs to a predictable file name /tmp/gource-$UID.tmp, enabling attackers to overwrite an arbitrary file via a symlink attack...
CVE-2010-2449
Gource through 0.26 logs to a predictable file name /tmp/gource-$UID.tmp, enabling attackers to overwrite an arbitrary file via a symlink attack...
CVE-2010-2449
Gource through 0.26 logs to a predictable file name /tmp/gource-$UID.tmp, enabling attackers to overwrite an arbitrary file via a symlink attack...
Code injection
Gource through 0.26 logs to a predictable file name /tmp/gource-$UID.tmp, enabling attackers to overwrite an arbitrary file via a symlink attack...
CVE-2010-2449
Gource through 0.26 logs to a predictable file name /tmp/gource-$UID.tmp, enabling attackers to overwrite an arbitrary file via a symlink attack...
CVE-2010-2449
Gource through 0.26 logs to a predictable file name /tmp/gource-$UID.tmp, enabling attackers to overwrite an arbitrary file via a symlink attack...
Prima FlexAir Database Configuration Backup Download Vulnerability
Prima Systems FlexAir is an access control system from Prima Systems in Slovenia. A database configuration backup download vulnerability exists in Prima FlexAir version 2.3.38 and earlier. The vulnerability stems from a predictable file name. An attacker could exploit the vulnerability to downloa...
Amazon Linux: Security Advisory (ALAS-2011-11)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
HawtJNI: predictable temporary file name leading to local arbitrary code execution
The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...
Important: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.3.0 update
Red Hat JBoss Operations Network 3.2.3, which fixes multiple security issues and several bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...