1107 matches found
CVE-2021-47386 hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field
In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field. If driver read val value sufficient for (val & 0x08) && (!(val & 0x80)) && ((val & 0x7) == ((val >> 4) & 0x7)) from device then Null pointer dereference occurs. I...
CVE-2024-33858
An issue was discovered in Logpoint before 7.4.0. A path injection vulnerability is seen while adding a CSV enrichment source. The sourcename parameter could be changed to an absolute path; this will write the CSV file to that path inside the /tmp directory...
CVE-2024-34490
In Maxima through 5.47.0 before 51704c, the plotting facilities make use of predictable names under /tmp. Thus, the contents may be controlled by a local attacker who can create files in advance with these names. This affects, for example, plot2d...
PT-2024-25940 · Maxima +1
Name of the Vulnerable Software and Affected Versions: Maxima versions prior to 5.47.0 before 51704c. Description: The plotting facilities in the affected software make use of predictable names under /tmp, allowing a local attacker to control the contents by creating files in advance with these...
A vulnerability in the systemd-tmpfiles component of the Systemd initialization and service management subsystem allows an attacker to cause a service failure.
The vulnerability in the systemd-tmpfiles subsystem, which is part of the Systemd service initialization and management mechanism, stems from recursion. This occurs when too many nested directories are created in /tmp. Exploiting this vulnerability could allow an attacker to cause a service failu...
OESA-2024-1129 pam security update
PAM (Pluggable Authentication Modules) is a system of libraries that handle the authentication tasks of applications (services) on the system. Security Fixes: A vulnerability was found in Linux PAM. An unprivileged user that is not yet in a corresponding mount namespace with /tmp mounted as a...
PT-2024-20530 · Bref
Name of the Vulnerable Software and Affected Versions: Bref versions prior to 2.1.13. Description: The issue arises when Bref is used with the Event-Driven Function runtime and the handler is a RequestHandlerInterface. In this scenario, the Lambda event is converted to a PSR7 object. During the...
Mageia: Security Advisory (MGASA-2024-0013)
The remote host is missing an update for the...
MGASA-2024-0013 Updated hplip packages fix security vulnerabilities
There were security issues in hplip's hpps program due to fixed /tmp path usage in prnt/hpps/hppsfilter.c. This update fixes these issues...
CentOS 7 : insights-client (RHSA-2023:6795)
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:6795 advisory. - A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and...
A vulnerability in the account_print.cgi component of the firmware for Zyxel USG FLEX and VPN devices allows a hacker to execute arbitrary commands.
The vulnerability in the account_print.cgi component of the Zyxel USG FLEX and VPN network devices is related to an incorrect limitation on the path name to the tmp directory. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
A vulnerability in the Insights-Client client API interface, related to the creation of temporary files with insecure permissions, allows a hacker to escalate their privileges.
The vulnerability in the Insights-Client client API interface is related to the creation of temporary files with insecure permissions in the /var/tmp/insights-client directory. Exploiting this vulnerability could allow an attacker to escalate their privileges...
mariadb: server crash in create_tmp_table::finalize
A flaw was found in MariaDB. The component, Create_tmp_table::finalize, allows attackers to cause a denial of service (DoS) via specially crafted SQL statements, affecting availability...
insights-client: unsafe handling of temporary files and directories
A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local...