Lucene search
K

210 matches found

Cvelist
Cvelist
added 2019/11/18 9:18 p.m.30 views

CVE-2008-7273

A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...

7.6AI score0.00398EPSS
Exploits0References3
OSV
OSV
added 2019/11/12 3:15 p.m.10 views

CVE-2011-3618

atop: symlink attack possible due to insecure tempfile handling...

7.8CVSS6.7AI score0.00409EPSS
Exploits0References5
OSV
OSV
added 2019/11/12 3:15 p.m.4 views

DEBIAN-CVE-2011-3618

atop: symlink attack possible due to insecure tempfile handling...

7.8CVSS7.1AI score0.00409EPSS
Exploits0References1
NVD
NVD
added 2019/11/12 3:15 p.m.21 views

CVE-2011-3618

atop: symlink attack possible due to insecure tempfile handling...

7.8CVSS7.6AI score0.00409EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2019/11/12 3:15 p.m.37 views

CVE-2011-3618

atop: symlink attack possible due to insecure tempfile handling...

7.8CVSS7.1AI score0.00409EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/12 2:25 p.m.26 views

CVE-2011-3618

atop: symlink attack possible due to insecure tempfile handling...

7.6AI score0.00409EPSS
Exploits0References3
CVE
CVE
added 2019/11/12 2:25 p.m.54 views

CVE-2011-3618

CVE-2011-3618 relates to a symlink attack caused by insecure tempfile handling in the tool described as “atop.” The linked records (NVD, OSV, Debian/Ubuntu trackers and others) consistently cite this issue as a local‑attack vulnerability with insecure tempfile handling, leading to potential expos...

7.8CVSS7.5AI score0.00409EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2019/11/12 2:25 p.m.44 views

CVE-2011-3618

atop: symlink attack possible due to insecure tempfile handling...

7.8CVSS7.4AI score0.00409EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2019/08/06 12:40 p.m.2 views

ruby: Unintentional file and directory creation with directory traversal in tempfile and tmpdir

It was found that the tmpdir and tempfile modules did not sanitize their file name argument. An attacker with control over the name could create temporary files and directories outside of the dedicated directory...

7.5CVSS7.3AI score0.10552EPSS
Exploits0References5
Cvelist
Cvelist
added 2019/03/15 8:0 p.m.22 views

CVE-2018-17955 Static tempfile name allows overwriting of arbitrary files

In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection...

2.2CVSS5.4AI score0.00309EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/11/29 10:10 a.m.3 views

ruby: Unintentional file and directory creation with directory traversal in tempfile and tmpdir

It was found that the tmpdir and tempfile modules did not sanitize their file name argument. An attacker with control over the name could create temporary files and directories outside of the dedicated directory...

7.5CVSS7.3AI score0.10552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/11/29 9:56 a.m.3 views

ruby: Unintentional file and directory creation with directory traversal in tempfile and tmpdir

It was found that the tmpdir and tempfile modules did not sanitize their file name argument. An attacker with control over the name could create temporary files and directories outside of the dedicated directory...

7.5CVSS7.3AI score0.10552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/11/27 1:27 a.m.7 views

ghostscript: .tempfile file permission issues (699657)

It was discovered that the ghostscript .tempfile function did not properly handle file permissions. An attacker could possibly exploit this to exploit this to bypass the -dSAFER protection and delete files or disclose their content via a specially crafted PostScript document...

7.8CVSS5.8AI score0.01916EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/11/27 12:0 a.m.43 views

RHEL 7 : ghostscript (RHSA-2018:3650)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3650 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap...

7.8CVSS6.9AI score0.03019EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2018/09/18 12:0 a.m.38 views

EulerOS Virtualization 2.5.1 : ruby (EulerOS-SA-2018-1275)

According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that the tmpdir and tempfile modules did not sanitize their file name argument. An attacker with control over the name...

9.1CVSS7.2AI score0.10552EPSS
Exploits0References6
CNVD
CNVD
added 2018/08/28 12:0 a.m.3 views

Artifex Ghostscript Restriction Bypass Vulnerability

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A restriction bypa...

7.8CVSS7.7AI score0.01916EPSS
Exploits0References1
NVD
NVD
added 2018/08/27 5:29 p.m.21 views

CVE-2018-15908

In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files...

7.8CVSS7.5AI score0.01916EPSS
Exploits0References7
Prion
Prion
added 2018/08/27 5:29 p.m.19 views

Code injection

In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files...

6.8CVSS7.6AI score0.01916EPSS
Exploits0References7Affected Software8
OSV
OSV
added 2018/08/27 5:29 p.m.30 views

CVE-2018-15908

In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files...

7.8CVSS6.7AI score
Exploits0References7
OSV
OSV
added 2018/08/27 5:29 p.m.1 views

DEBIAN-CVE-2018-15908

In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files...

7.8CVSS7.9AI score0.01916EPSS
Exploits0References1
Rows per page
Query Builder