26 matches found
EUVD-2008-4930
Malware in sbrugna...
EUVD-2017-16971
Malware in sbrugna...
EUVD-2011-1315
Malware in sbrugna...
CVE-2011-1307
The installer in IBM WebSphere Application Server WAS before 7.0.0.15 uses 777 permissions for a temporary log directory, which allows local users to have unintended access to log files via standard filesystem operations, a different vulnerability than CVE-2009-1173...
CVE-2008-4950
gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in this bug - the script ... is called under specific cross-building environments...
SUSE CVE-2008-4951
dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/awstats.log, b /tmp/spam.log., and c /tmp/spamerr.log temporary files, related to the 1 accesslog.php and 2 sa-wrapper scripts...
SUSE CVE-2018-19637
Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supplog, allowing local attackers to overwrite files on systems without symlink protection...
SUSE CVE-2018-19960
The debugmode function in web/web.py in OnionShare through 1.3.1, when --debug is enabled, uses the /tmp/onionshareserver.log pathname for logging, which might allow local users to overwrite files or obtain sensitive information by using this pathname...
CVE-2022-25518
In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which allows attackers with database access to read the password of the users who login to the application by querying the database table...
CVE-2022-25518
In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which allows attackers with database access to read the password of the users who login to the application by querying the database table...
Trend Micro Apex One 后置链接漏洞
Trend Micro Apex One is a suite of endpoint security protection software from Trend Micro that provides automated threat detection and response capabilities. Trend Micro Apex One suffers from a backlink vulnerability that arises from an application not properly controlling the consumption of...
Trend Micro Apex One 后置链接漏洞
Trend Micro Apex One is a suite of endpoint security protection software from Trend Micro that provides automated threat detection and response capabilities. Trend Micro Apex One suffers from a backlink vulnerability that arises from an application not properly controlling the consumption of...
CVE-2018-19637
Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supplog, allowing local attackers to overwrite files on systems without symlink protection...
UBUNTU-CVE-2018-19960
The debugmode function in web/web.py in OnionShare through 1.3.1, when --debug is enabled, uses the /tmp/onionshareserver.log pathname for logging, which might allow local users to overwrite files or obtain sensitive information by using this pathname...
DEBIAN-CVE-2018-19960
The debugmode function in web/web.py in OnionShare through 1.3.1, when --debug is enabled, uses the /tmp/onionshareserver.log pathname for logging, which might allow local users to overwrite files or obtain sensitive information by using this pathname...
Design/Logic Flaw
An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who executed the script in clear text in temporary log files. The temporary files may potentially be read by an unprivileged user with access to the...
CVE-2017-8001
An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who executed the script in clear text in temporary log files. The temporary files may potentially be read by an unprivileged user with access to the...
CVE-2017-8001
An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who executed the script in clear text in temporary log files. The temporary files may potentially be read by an unprivileged user with access to the...
OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618)
The unpacker::redirectstdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite...
UBUNTU-CVE-2008-5150
sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink attack on a /tmp/maildirsync-..log temporary file...