15 matches found
CVE-2026-49134 CodexBar < 0.32.0 Privilege Escalation via CLI Installer Temp File
CodexBar prior to 0.32.0 contains a privilege escalation vulnerability in the CLI installer that allows local attackers to execute arbitrary commands as root by exploiting a race condition in temporary file handling. The installer creates a temporary file with mktemp, writes a privileged shell...
EUVD-2025-201818
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 is vulnerable to creation of temporary files without atomic operations which may expose sensitive information to an authenticated user due to race condition attacks...
PT-2025-49598
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 is vulnerable to creation of temporary files without atomic operations which may expose sensitive information to an authenticated user due to race condition attacks...
UBUNTU-CVE-2020-12050
SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library...
DEBIAN-CVE-2018-12713
GIMP through 2.10.2 makes ggettmpdir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimpwriteandreadfile function in app/tests/test-xcf.c. This might be leveraged by attackers to overwrite files or read file content that was...
Mandrake Linux Security Advisory : inn (MDKSA-2001:010)
WireX discovered a potential temporary file race condition in the inn program. This condition is due partly to the way inn is compiled and configured on some Linux distributions, including Linux-Mandrake, and partly due to the lack of information in the inn package detailing potential security...
Mandrake Linux Security Advisory : getty_ps (MDKSA-2001:004)
WireX discovered a potential temporary file race condition in the gettyps program. This update corrects the problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandrake Linux Security Advisory MDKSA-2001:004. The...
Mandrake Linux Security Advisory : Mesa (MDKSA-2001:029)
Ben Collins identified a temporary file race in the Utah-glx component of the Mesa package which affects Linux-Mandrake 7.2. The /tmp/glxmemory file is created by Utah-glx and because it is not created securely could be used in a symlink attack which allows files to be overwritten the next time t...
Mandrake Linux Security Advisory : squid (MDKSA-2001:003)
WireX discovered a potential temporary file race condition in the way that squid sends out email messages notifying the administrator about updating the program. Usually this will only happen if you are running a development version of squid or if the clock on your system is incorrect. This probl...
Mandrake Linux Security Advisory : rdist (MDKSA-2001:005)
WireX discovered a potential temporary file race condition in the rdist program. This update corrects the problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandrake Linux Security Advisory MDKSA-2001:005. The...
SUSE-SU-2015:0929-1 Security update for kvm
The kvm qemu vt100 emulation was affected by a problem where specific vt100 sequences could have been used by guest users to affect the host. CVE-2012-3515 aka XSA-17. Also a temp file race was fixed. CVE-2012-2652 Security Issue reference: CVE-2012-3515 CVE-2012-2652...
Debian Security Advisory DSA 019-1 (squid)
The remote host is missing an update to squid announced via advisory DSA 019-1. OpenVAS Vulnerability Test $Id: deb0191.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 019-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 019-1 (squid)
The remote host is missing an update to squid announced via advisory DSA 019-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-019-1 : squid - insecure tempfile handling
WireX discovered a potential temporary file race condition in the way that squid sends out email messages notifying the administrator about updating the program. This could lead to arbitrary files to get overwritten. However the code would only be executed if running a very bleeding edge release ...
MDKSA-2001:029 - Mesa update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Linux-Mandrake Security Update Advisory Package name: Mesa Date: March 13th, 2001 Advisory ID: MDKSA-2001:029 Affected versions: 7.2 Problem Description: Ben Collins identified a temporary file race in the Utah-glx component of the Mesa package which...