29 matches found

Veracode
added 2025/11/14 4:38 a.m., 3 views

Insecure Temporary File Usage

llama-index-core is vulnerable to Insecure Temporary File Usage. The vulnerability is due to the use of a predictable hardcoded cache directory /tmp/llamaindex in getcachedir, where attackers on multi-user Linux systems can steal cached model data, poison embeddings, or exploit symlink race...

CVSS 7.3, AI score 6.9, EPSS 0.00021
Exploits: 0, References: 4, Affected Software: 1

Tenable Nessus
added 2025/01/17 12:0 a.m., 17 views

Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : .NET vulnerabilities (USN-7210-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7210-1 advisory. It was discovered that .NET did not properly handle input provided to its Convert.TryToHexString method. An attacker could possibly u...

CVSS 8.8, AI score 8.3, EPSS 0.01997
Exploits: 0, References: 5

OSV
added 2025/01/16 12:30 p.m., 1 view

USN-7210-1 dotnet8, dotnet9 vulnerabilities

It was discovered that .NET did not properly handle input provided to its Convert.TryToHexString method. An attacker could possibly use this issue to execute arbitrary code. CVE-2025-21171 It was discovered that .NET did not properly handle an integer overflow when processing certain specially...

CVSS 8.8, AI score 7.4, EPSS 0.01997
Exploits: 0, References: 5

Tenable Nessus
added 2024/06/03 12:0 a.m., 18 views

RHEL 6 : crypto-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - crypto-utils: insecure temporary file usage in genkey CVE-2012-3504 Note that Nessus has not tested for this issue...

CVSS 3.6, AI score 7.3, EPSS 0.00147
Exploits: 1, References: 1

OSV
added 2016/01/07 9:33 a.m., 9 views

SUSE-SU-2016:0042-1 Security update for rubygem-passenger

This update fixes the following security issues: - CVE-2015-7519: Passenger is not filtering environment like apache is doing bnc956281 - CVE-2013-4136: Fixed security issue Passenger would reuse existing server instance directories temporary directories which could cause Passenger to remove or...

CVSS 4.6, AI score 4.2, EPSS 0.00361
Exploits: 0, References: 7

Tenable Nessus
added 2014/02/10 12:0 a.m., 22 views

GLSA-201402-10 : PulseAudio: Insecure temporary file usage

The remote host is affected by the vulnerability described in GLSA-201402-10 PulseAudio: Insecure temporary file usage The pamakesecuredir function in core-util.c does not handle temporary files securely. Impact : A local attacker could perform symlink attacks to overwrite arbitrary files with th...

CVSS 6.9, AI score 5.5, EPSS 0.00024
Exploits: 0, References: 2

Tenable Nessus
added 2013/07/12 12:0 a.m., 11 views

Fedora 19 : nagios-3.5.0-5.fc19 (2013-10996)

"Build package with PIE flags 965529 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Fedora Security Advisory 2013-10996. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid67296;...

AI score 5.3
Exploits: 0, References: 3

RubySec
added 2013/05/29 12:0 a.m., 40 views

CVE-2013-2119 rubygem-passenger: incorrect temporary file usage

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service prevent application start or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem...

CVSS 4.6, AI score 6.2, EPSS 0.00056
Exploits: 0, References: 1, Affected Software: 1

Tenable Nessus
added 2013/03/11 12:0 a.m., 23 views

Fedora 18 : crypto-utils-2.4.1-39.fc18 (2013-3253)

Addresses CVE-2012-3504 - insecure temporary file usage in genkey Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

CVSS 3.6, AI score 5.4, EPSS 0.00147
Exploits: 1, References: 3

OpenVAS
added 2012/08/10 12:0 a.m., 19 views

Gentoo Security Advisory GLSA 201206-17 (virtualenv)

The remote host is missing updates announced in advisory GLSA 201206-17. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

CVSS 1.2, AI score 6.5, EPSS 0.00038
Exploits: 0, References: 2

Tenable Nessus
added 2012/06/25 12:0 a.m., 21 views

GLSA-201206-17 : virtualenv: Insecure temporary file usage

The remote host is affected by the vulnerability described in GLSA-201206-17 virtualenv: Insecure temporary file usage The virtualenv.py script in virtualenv does not handle temporary files securely. Impact : A local attacker could perform symlink attacks to overwrite arbitrary files with the...

CVSS 1.2, AI score 5.5, EPSS 0.00038
Exploits: 0, References: 2

Tenable Nessus
added 2012/06/21 12:0 a.m., 30 views

GLSA-201203-18 : Minitube: Insecure temporary file usage

The remote host is affected by the vulnerability described in GLSA-201203-18 Minitube: Insecure temporary file usage Tom Pruina reported that Minitube does not handle temporary files securely. Impact : A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges...

AI score 5.6
Exploits: 0, References: 2

OpenVAS
added 2012/02/12 12:0 a.m., 16 views

Gentoo Security Advisory GLSA 201201-11 (fwbuilder)

The remote host is missing updates announced in advisory GLSA 201201-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVSS 6.9, AI score 0.5, EPSS 0.00038
Exploits: 1

Oracle Linux
added 2011/07/31 12:0 a.m., 27 views

sysstat security, bug fix, and enhancement update

7.0.2-11 - Related: 716959 fix cve-2007-3852 - sysstat insecure temporary file usage 7.0.2-10 - Resolves: 716959 fix cve-2007-3852 - sysstat insecure temporary file usage 7.0.2-9 - Related: 622557 sar interrupt count goes backward 7.0.2-8 - Resolves: 694767 iostat doesn't report statistics for...

CVSS 4.4, AI score 1, EPSS 0.00148
Exploits: 0

OpenVAS
added 2009/09/15 12:0 a.m., 13 views

Gentoo Security Advisory GLSA 200909-10 (lmbench)

The remote host is missing updates announced in advisory GLSA 200909-10. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVSS 6.9, AI score 6.6, EPSS 0.00025
Exploits: 1

OpenVAS
added 2009/09/15 12:0 a.m., 19 views

Gentoo Security Advisory GLSA 200909-11 (gccxml)

The remote host is missing updates announced in advisory GLSA 200909-11. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

CVSS 6.9, AI score 6.6, EPSS 0.00025
Exploits: 2, References: 2

OpenVAS
added 2009/09/15 12:0 a.m., 17 views

Gentoo Security Advisory GLSA 200909-09 (screenie)

The remote host is missing updates announced in advisory GLSA 200909-09. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVSS 6.9, EPSS 0.00024
Exploits: 0

Tenable Nessus
added 2009/08/24 12:0 a.m., 23 views

RHEL 3 / 4 / 5 : acroread (RHSA-2008:0641)

Updated acroread packages that fix various security issues are now available for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Acrobat Reader allows users to view and pri...

CVSS 10, AI score 6.1, EPSS 0.42019
Exploits: 2, References: 5

OpenVAS
added 2009/03/13 12:0 a.m., 25 views

Gentoo Security Advisory GLSA 200903-18 (openswan)

The remote host is missing updates announced in advisory GLSA 200903-18. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVSS 4.4, AI score 6.5, EPSS 0.00173
Exploits: 6

OpenVAS
added 2008/12/23 12:0 a.m., 18 views

Gentoo Security Advisory GLSA 200812-12 (honeyd)

The remote host is missing updates announced in advisory GLSA 200812-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.9, AI score 7.1, EPSS 0.00034
Exploits: 0, References: 2