CVE-2024-4030

On Windows a directory returned by tempfile.mkdtemp would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile...

Fedora 39 : rdiff-backup (2023-3909a0ab0e)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3909a0ab0e advisory. Rebuild for pyinstall CVE-2023-49797 BZ2253844 Tenable has extracted the preceding description block directly from the Fedora security advisory. Not...

SUSE CVE-2014-1624

Race condition in the xdg.BaseDirectory.getruntimedir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once th...

[SECURITY] [DLA 2661-1] jetty9 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2661-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler May 14, 2021 https://wiki.debian.org/LTS -...

CVE-2017-7761

The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by non-privileged users. When this is combined with creation of a junction a form of symbolic link, protected files in the target directory of the junction can be deleted by the Mozilla Maintenance...

Moderate: Red Hat Security Advisory: libguestfs security, bug fix, and enhancement update

Updated libguestfs packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

Debian DSA-544-1 : webmin - insecure temporary directory

Ludwig Nussel discovered a problem in webmin, a web-based administration toolkit. A temporary directory was used but without checking for the previous owner. This could allow an attacker to create the directory and place dangerous symbolic links inside. %NASLMINLEVEL 70300 C Tenable Network...

[SECURITY] [DSA 544-1] New webmin packages fix insecure temporary directory

-------------------------------------------------------------------------- Debian Security Advisory DSA 544-1 [email protected] http://www.debian.org/security/ Martin Schulze September 14th, 2004 http://www.debian.org/security/faq -...

DSA-544-1 webmin - insecure temporary directory

Bulletin has no description...

[Full-Disclosure] [SECURITY] [DSA 488-1] New logcheck packages fix insecure temporary directory

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 488-1 [email protected] http://www.debian.org/security/ Matt Zimmerman April 16th, 2004 http://www.debian.org/security/faq -...