Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1107 matches found

RedHat Linux
RedHat Linuxadded 2023/11/02 12:36 p.m.4 views

insights-client: unsafe handling of temporary files and directories

A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local...

7.8CVSS6AI score0.00008EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2023/11/02 9:25 a.m.2 views

insights-client: unsafe handling of temporary files and directories

A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local...

7.8CVSS6AI score0.00008EPSS
Exploits0References5
SUSE CVE
SUSE CVEadded 2023/10/31 2:48 a.m.3 views

SUSE CVE-2015-5273

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool ABRT before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp...

3.6CVSS6.8AI score0.00334EPSS
Exploits5References2
SUSE CVE
SUSE CVEadded 2023/10/31 2:37 a.m.2 views

SUSE CVE-2018-14650

It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user. A local attacker may use this flaw by waiting for a legit user to run sos-collector and steal the collected data in the...

5.9CVSS6.7AI score0.00044EPSS
Exploits1References2
Veracode
Veracodeadded 2023/10/09 5:3 a.m.13 views

Arbitrary File Upload

Gradio is vulnerable to an Arbitrary File Upload vulnerability. The vulnerability is due to the /upload interface endpoint via /tmp directory. The attacker can exploit this by uploading arbitrary files, potentially leading to unauthorized access or execution of malicious code...

4.8CVSS7.1AI score0.00107EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2023/09/22 6:15 a.m.10 views

CVE-2023-43783

Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/cadence-wineasio.reg Temporary File. The filename is used even if it has been created by a local adversary before Cadence started. The adversary can leverage this to create or overwrite files via a symlink attack. In some kernel configuration...

7.5CVSS7.5AI score0.0005EPSS
Exploits1References3
RedHat Linux
RedHat Linuxadded 2023/08/15 5:43 p.m.4 views

modsecurity: lacking the complete content in FILES_TMP_CONTENT leads to web application firewall bypass

A vulnerability was found in ModSecurity. This issue occurs when FILESTMPCONTENT lacks complete content, which can lead to a Web Application Firewall bypass...

7.5CVSS6.6AI score0.00141EPSS
Exploits0References4
Oracle linux
Oracle linuxadded 2023/08/11 12:0 a.m.48 views

postgresql:10 security update

10.23-2.0.1 - Fixed postgresql port binding issue during bootup Orabug: 35103668 10.23-2 - Backport fixes for CVE-2023-2454 and CVE-2023-2455 - Update postgresql-setup to 8.7 https://github.com/devexp-db/postgresql-setup/pull/35 - Resolves: 2207931 10.23-1 - Resolves: CVE-2022-2625 - Rebase to...

8.8CVSS7AI score0.02263EPSS
Exploits0
NVD
NVDadded 2023/08/09 7:15 p.m.8 views

CVE-2023-39003

OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 was discovered to contain insecure permissions in the directory /tmp...

7.5CVSS7.6AI score0.00381EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2023/08/09 12:0 a.m.11 views

CVE-2023-39003

OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 was discovered to contain insecure permissions in the directory /tmp...

7.3AI score0.00381EPSS
Exploits1References2
CVE
CVEadded 2023/08/09 12:0 a.m.125 views

CVE-2023-39003

CVE-2023-39003 affects OPNSense Community Edition < 23.7 and OPNSense Business Edition

7.5CVSS7.5AI score0.00381EPSS
Exploits1References2Affected Software1
CNNVD
CNNVDadded 2023/08/09 12:0 a.m.5 views

Deciso OPNsense Security Vulnerability

Deciso OPNsense is a FreeBSD-based open source firewall and routing software from Dutch company Deciso. A security vulnerability exists in Deciso OPNsense versions prior to 23.7, which stems from a misconfiguration of permissions in the directory /tmp...

7.5CVSS6.7AI score0.00381EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2023/08/09 12:0 a.m.2 views

PT-2023-26729 · Opnsense · Opnsense Community Edition +1

Name of the Vulnerable Software and Affected Versions: OPNsense Community Edition versions prior to 23.7 OPNsense Business Edition versions prior to 23.4.2 Description: The issue is related to insecure permissions in the directory /tmp. Recommendations: For OPNsense Community Edition versions pri...

7.5CVSS7.3AI score0.00381EPSS
Exploits1References5
OSV
OSVadded 2023/06/07 8:15 p.m.28 views

CVE-2023-33865

RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership...

7.8CVSS7.2AI score
Exploits0References7
UbuntuCve
UbuntuCveadded 2023/06/07 8:15 p.m.22 views

CVE-2023-33865

RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership...

7.8CVSS7.3AI score0.00043EPSS
Exploits3References9
Debian CVE
Debian CVEadded 2023/06/07 12:0 a.m.22 views

CVE-2023-33865

RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership...

7.8CVSS8.2AI score0.00043EPSS
Exploits3
Cvelist
Cvelistadded 2023/06/07 12:0 a.m.20 views

CVE-2023-33865

RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership...

8.8AI score0.00043EPSS
Exploits3References6
Vulnrichment
Vulnrichmentadded 2023/06/07 12:0 a.m.8 views

CVE-2023-33865

RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership...

6.9AI score0.00043EPSS
Exploits3References6
RedhatCVE
RedhatCVEadded 2023/05/30 1:40 p.m.31 views

CVE-2023-34204

imapsync through 2.229 uses predictable paths under /tmp and /var/tmp in its default mode of operation. Both of these are typically world-writable, and thus for example an attacker can modify imapsync's cache and overwrite files belonging to the user who runs it...

4.4CVSS6.8AI score0.00439EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2023/05/24 12:0 a.m.36 views

Amazon Linux AMI : ImageMagick (ALAS-2023-1745)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1.25. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1745 advisory. A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation...

5.5CVSS6.4AI score0.0011EPSS
Exploits1References4
Rows per page
Query Builder