73 matches found
CVE-2025-7039
A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to...
Fedora 42 : glib2 (2025-16acfe9927)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-16acfe9927 advisory. Resolve CVE-2025-7039 Buffer Under-read on GLib through glib/gfileutils.c via gettmpfile with several other bug fixes. Tenable has extracted the preceding...
PT-2025-34184
Name of the Vulnerable Software and Affected Versions: glib2.0 affected versions not specified Description: The software contains a buffer underrun issue within the get tmp file function. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
CVE-2024-54661
CVE-2024-54661 affects the socat utility. The issue arises in readline.sh usage in socat before 1.8.0.2, which relies on a predictable /tmp/$USER/stderr2 file and enables arbitrary file overwrite via the /tmp directory. The CVSSv3.1 score is 9.8 (CRITICAL) with network attack vector, no user inte...
openSUSE 15 Security Update : etcd (SUSE-SU-2024:3656-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3656-1 advisory. Update to version 3.5.12: Security fixes: - CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 - CVE-2018-16874: Fixed directory...
Security update for etcd
This update for etcd fixes the following issues: Update to version 3.5.12: Security fixes: CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 CVE-2018-16874: Fixed directory traversal in cmd/go bsc1118898 CVE-2018-16875: Fixed CPU denial of service in crypto/x509 bsc1118899...
SUSE-SU-2024:3656-1 Security update for etcd
This update for etcd fixes the following issues: Update to version 3.5.12: Security fixes: - CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 - CVE-2018-16874: Fixed directory traversal in cmd/go bsc1118898 - CVE-2018-16875: Fixed CPU denial of service in crypto/x509 bsc1118899...
RHEL 5 : ctdb (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ctdb: /tmp file vulnerability issues CVE-2013-4159 Note that Nessus has not tested for this issue but has instead...
RHEL 6 : ctdb (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ctdb: /tmp file vulnerability issues CVE-2013-4159 Note that Nessus has not tested for this issue but has instead...
RHEL 4 : emacspeak (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - emacspeak: Insecure auxiliary /tmp file usage symlink attack possible CVE-2008-4191 Note that Nessus has not tested...
SUSE CVE-2022-47040
An issue in ASKEY router RTF3505VW-N1 BRSVg000R3505VMN1001s327 allows attackers to escalate privileges via running the tcpdump command after placing a crafted file in the /tmp directory and sending crafted packets through port 80...
SUSE CVE-2013-6402
base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file...
CVE-2022-47040
An issue in ASKEY router RTF3505VW-N1 BRSVg000R3505VMN1001s327 allows attackers to escalate privileges via running the tcpdump command after placing a crafted file in the /tmp directory and sending crafted packets through port 80...
Askey RTF3505VW 安全漏洞
Askey RTF3505VW is an application software from China Askey Electronic Technology Askey Company. Providing the most stable broadband connection source for all types of users bringing super fast speeds. A security vulnerability exists in the Askey RTF3505VW-N1 firmware version...
PT-2023-15142 · Askey · Askey Rtf3505Vw-N1
Name of the Vulnerable Software and Affected Versions: ASKEY router RTF3505VW-N1 version BR SV g000 R3505VMN1001 s32 7 Description: The issue allows attackers to escalate privileges by running the tcpdump command after placing a crafted file in the /tmp directory and sending crafted packets throu...
VMware open-vm-tools 后置链接漏洞
VMware open-vm-tools is a set of services and modules from VMware, Inc. It includes kernel modules to enhance the performance of virtual machines running Linux or other VMware-supported Unix-like guest operating systems. A security vulnerability exists in VMware open-vm-tools version...
SaltStack has insecure /tmp file handling in salt/modules/chef.py
modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp...
UBUNTU-CVE-2022-24986
KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be created the first time could potentially intercept the file the following time, enabling that person to run unauthorized commands...
CVE-2020-35766
The test suite in libopendkim in OpenDKIM through 2.10.3 allows local users to gain privileges via a symlink attack against the /tmp/testkeys file related to t-testdata.h, t-setup.c, and t-cleanup.c. NOTE: this is applicable to persons who choose to engage in the "A number of self-test programs a...
CVE-2014-3701
eDeploy has tmp file race condition flaws...