CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Mageia•added 2024/04/30 10:25 p.m.•55 views

Updated guava packages fix security vulnerabilities

A bug that could allow an attacker with access to the machine to potentially access data in a temporary directory created by the Guava. CVE-2020-8908 Predictable temporary files and directories used in FileBackedOutputStream. CVE-2023-2976...

7.1CVSS7AI score0.00072EPSS

Exploits1References1

F5 Networks•added 2023/02/21 6:33 p.m.•50 views

K03710547: Linux RPM vulnerability CVE-2017-7501

Security Advisory Description It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content...

7.8CVSS7.6AI score0.00054EPSS

Exploits0

Prion•added 2020/01/28 4:15 p.m.•11 views

Design/Logic Flaw

The psub function in fish aka fish-shell 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name...

4.4CVSS7.4AI score0.0011EPSS

Exploits0References3Affected Software1

UbuntuCve•added 2019/11/12 10:15 p.m.•33 views

CVE-2010-3440

babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and unpacking dictionary files, allowing a local attacker to overwrite arbitrary files...

5.5CVSS6.2AI score0.00072EPSS

Exploits0References1

NVD•added 2015/08/26 7:59 p.m.•20 views

CVE-2015-4037

The slirpsmb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service instantiation failure by creating /tmp/qemu-smb.- files before the program...

1.9CVSS6.1AI score0.00096EPSS

Exploits0References14

Debian CVE•added 2012/01/13 7:0 p.m.•19 views

CVE-2011-5060

The parmktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different...

3.3CVSS6AI score0.00048EPSS

Exploits0

NVD•added 2008/12/05 11:30 a.m.•14 views

CVE-2008-5360

Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknow...

6.4CVSS7.5AI score0.03736EPSS

Exploits1References39

Debian CVE•added 2005/04/28 4:0 a.m.•22 views

CVE-2005-1270

The 1 checkupdate.sh and 2 rkhunter script in Rootkit Hunter before 1.2.3-r1 create temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack...

2.1CVSS6.1AI score0.00098EPSS

Exploits0

FreeBSD•added 2005/04/12 12:0 a.m.•35 views

portupgrade -- insecure temporary file handling vulnerability

Simon L. Nielsen discovered that portupgrade handles temporary files in an insecure manner. This could allow an unprivileged local attacker to execute arbitrary commands or overwrite arbitrary files with the permissions of the user running portupgrade, typically root, by way of a symlink attack...

7.2CVSS7AI score0.00054EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by