Lucene search
+L

73 matches found

debiancve
debiancve
added 2025/09/03 1:52 a.m.9 views

CVE-2025-7039

A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to...

3.7CVSS5.3AI score0.0037EPSS
Exploits0
nessus
nessus
added 2025/08/14 12:0 a.m.8 views

Fedora 42 : glib2 (2025-16acfe9927)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-16acfe9927 advisory. Resolve CVE-2025-7039 Buffer Under-read on GLib through glib/gfileutils.c via gettmpfile with several other bug fixes. Tenable has extracted the preceding...

3.7CVSS5.5AI score0.0037EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/01/01 12:0 a.m.4 views

PT-2025-34184

Name of the Vulnerable Software and Affected Versions: glib2.0 affected versions not specified Description: The software contains a buffer underrun issue within the get tmp file function. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

9.8CVSS6.6AI score0.00767EPSS
Exploits1References45
cve
cve
added 2024/12/04 12:0 a.m.110 views

CVE-2024-54661

CVE-2024-54661 affects the socat utility. The issue arises in readline.sh usage in socat before 1.8.0.2, which relies on a predictable /tmp/$USER/stderr2 file and enables arbitrary file overwrite via the /tmp directory. The CVSSv3.1 score is 9.8 (CRITICAL) with network attack vector, no user inte...

9.8CVSS9.4AI score0.008EPSS
Exploits0References2
nessus
nessus
added 2024/10/17 12:0 a.m.57 views

openSUSE 15 Security Update : etcd (SUSE-SU-2024:3656-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3656-1 advisory. Update to version 3.5.12: Security fixes: - CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 - CVE-2018-16874: Fixed directory...

9.8CVSS7.2AI score0.93305EPSS
Exploits4References39
suse
suse
added 2024/10/16 11:33 a.m.4 views

Security update for etcd

This update for etcd fixes the following issues: Update to version 3.5.12: Security fixes: CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 CVE-2018-16874: Fixed directory traversal in cmd/go bsc1118898 CVE-2018-16875: Fixed CPU denial of service in crypto/x509 bsc1118899...

8.1CVSS7.4AI score0.93305EPSS
Exploits4References54
osv
osv
added 2024/10/16 11:33 a.m.24 views

SUSE-SU-2024:3656-1 Security update for etcd

This update for etcd fixes the following issues: Update to version 3.5.12: Security fixes: - CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 - CVE-2018-16874: Fixed directory traversal in cmd/go bsc1118898 - CVE-2018-16875: Fixed CPU denial of service in crypto/x509 bsc1118899...

9.8CVSS8.3AI score0.93305EPSS
Exploits4References28
nessus
nessus
added 2024/06/03 12:0 a.m.12 views

RHEL 5 : ctdb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ctdb: /tmp file vulnerability issues CVE-2013-4159 Note that Nessus has not tested for this issue but has instead...

7.5CVSS6.6AI score0.02371EPSS
Exploits0References1
nessus
nessus
added 2024/06/03 12:0 a.m.16 views

RHEL 6 : ctdb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ctdb: /tmp file vulnerability issues CVE-2013-4159 Note that Nessus has not tested for this issue but has instead...

7.5CVSS6.6AI score0.02371EPSS
Exploits0References1
nessus
nessus
added 2024/06/03 12:0 a.m.12 views

RHEL 4 : emacspeak (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - emacspeak: Insecure auxiliary /tmp file usage symlink attack possible CVE-2008-4191 Note that Nessus has not tested...

6.6CVSS6.6AI score0.00407EPSS
Exploits0References1
susecve
susecve
added 2023/04/05 1:49 a.m.5 views

SUSE CVE-2022-47040

An issue in ASKEY router RTF3505VW-N1 BRSVg000R3505VMN1001s327 allows attackers to escalate privileges via running the tcpdump command after placing a crafted file in the /tmp directory and sending crafted packets through port 80...

7.8CVSS7.5AI score0.00345EPSS
Exploits2References3
susecve
susecve
added 2023/02/15 5:34 a.m.3 views

SUSE CVE-2013-6402

base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file...

2.1CVSS6.7AI score0.00487EPSS
Exploits0References5
osv
osv
added 2023/01/26 9:18 p.m.3 views

CVE-2022-47040

An issue in ASKEY router RTF3505VW-N1 BRSVg000R3505VMN1001s327 allows attackers to escalate privileges via running the tcpdump command after placing a crafted file in the /tmp directory and sending crafted packets through port 80...

7.8CVSS5.8AI score0.00345EPSS
Exploits2References1
cnnvd
cnnvd
added 2023/01/26 12:0 a.m.5 views

Askey RTF3505VW 安全漏洞

Askey RTF3505VW is an application software from China Askey Electronic Technology Askey Company. Providing the most stable broadband connection source for all types of users bringing super fast speeds. A security vulnerability exists in the Askey RTF3505VW-N1 firmware version...

7.8CVSS7.4AI score0.00345EPSS
Exploits2References2
ptsecurity
ptsecurity
added 2023/01/24 12:0 a.m.6 views

PT-2023-15142 · Askey · Askey Rtf3505Vw-N1

Name of the Vulnerable Software and Affected Versions: ASKEY router RTF3505VW-N1 version BR SV g000 R3505VMN1001 s32 7 Description: The issue allows attackers to escalate privileges by running the tcpdump command after placing a crafted file in the /tmp directory and sending crafted packets throu...

7.8CVSS7.8AI score0.00345EPSS
Exploits2References3
cnnvd
cnnvd
added 2022/11/23 12:0 a.m.7 views

VMware open-vm-tools 后置链接漏洞

VMware open-vm-tools is a set of services and modules from VMware, Inc. It includes kernel modules to enhance the performance of virtual machines running Linux or other VMware-supported Unix-like guest operating systems. A security vulnerability exists in VMware open-vm-tools version...

6.7CVSS6.5AI score0.00265EPSS
Exploits0References3
github
github
added 2022/05/17 2:49 a.m.23 views

SaltStack has insecure /tmp file handling in salt/modules/chef.py

modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp...

5.3CVSS6.7AI score0.00426EPSS
Exploits0References8Affected Software1
osv
osv
added 2022/02/26 5:15 a.m.5 views

UBUNTU-CVE-2022-24986

KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be created the first time could potentially intercept the file the following time, enabling that person to run unauthorized commands...

7.8CVSS7AI score0.00249EPSS
Exploits0References8
debiancve
debiancve
added 2020/12/28 7:21 p.m.26 views

CVE-2020-35766

The test suite in libopendkim in OpenDKIM through 2.10.3 allows local users to gain privileges via a symlink attack against the /tmp/testkeys file related to t-testdata.h, t-setup.c, and t-cleanup.c. NOTE: this is applicable to persons who choose to engage in the "A number of self-test programs a...

7.8CVSS7.7AI score0.00516EPSS
Exploits1
nvd
nvd
added 2019/12/15 10:15 p.m.23 views

CVE-2014-3701

eDeploy has tmp file race condition flaws...

9.3CVSS8.2AI score0.015EPSS
Exploits0References3
Rows per page
Query Builder