12 matches found
Cloud Files Security Review Tool
This code performs a defensive security assessment of Windows systems by reviewing configuration elements associated with Cloud Files components, environment manipulation opportunities, temporary file exposure, and Windows Error Reporting artifacts...
EUVD-2007-4683
Malware in sbrugna...
EUVD-2008-7245
Malware in sbrugna...
Security Bulletin: IBM Software Support mobile app is vulnerable to multiple vulnerabilities due to 3rd party software
Summary This release includes information about multiple vulnerabilities, improving the overall security and stability of the application. The types of vulnerabilities resolved include: Cross-Site Scripting XSS Vulnerability: Addressed an issue that could allow an attacker to inject malicious...
java-merge-sort 安全漏洞
java-merge-sort is a basic standalone disk-based N-way merge-sort component for Java. A security vulnerability exists in java-merge-sort versions prior to 1.1.0, which stems from an insecure temporary file vulnerability in the StdTempFileProvider function in StdTempFileProvider.java, which allows...
CVE-2022-41954 Temporary File Information Disclosure Vulnerability
MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems not Windows or macos, MPXJ's use of File.createTempFile.. results in temporary files being created with the permissions -rw-r--r--. This means that any other...
GHSA-562R-VG33-8X8H TemporaryFolder on unix-like systems does not limit access to created files
Vulnerability PreparedStatement.setTextint, InputStream and PreparedStatemet.setByteaint, InputStream will create a temporary file if the InputStream is larger than 51k Example of vulnerable code: java String s = "some very large string greater than 51200 bytes"; PreparedStatement.setInputStream1...
CVE-2022-41553
Insertion of Sensitive Information into Temporary File vulnerability in Hitachi Infrastructure Analytics Advisor on Linux Analytics probe component, Hitachi Ops Center Analyzer on Linux Hitachi Ops Center Analyzer probe component allows local users to gain sensitive information. This issue affect...
Church Admin < 3.4.135 - Unauthenticated Plugin's Backup Disclosure
The plugin does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticated attackers to repeatedly request the "refresh-backup" action, and simultaneously keep requesting a publicly accessible temporary file generated by the plugin in order to...
Audacity Security Breach
Audacity is an open source and free cross-platform audio processing software for recording and editing audio files. A security vulnerability exists in Audacity version 2.3.3 and earlier versions, which stems from saving temporary files as var tmp, defaulting to Audacity -$USER.After Audacity...
Mozilla, Firefox, Thunderbird: Various vulnerabilities
Background Mozilla is a popular web browser that includes a mail and newsreader. Mozilla Firefox and Mozilla Thunderbird are respectively the next-generation browser and mail client from the Mozilla project. Description Maurycy Prodeus from isec.pl found a potentially exploitable buffer overflow ...
CVE-2003-0841
The grid option in PeopleSoft 8.42 stores temporary .xls files in guessable directories under the web document root, which allows remote attackers to steal search results by directly accessing the files via a URL request...