
1107 matches found

OSV
added 2022/03/30 12:15 a.m., 12 views

CVE-2022-27815

SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. There can be an information leak or denial of service...

7.8 CVSS, 7.5 AI score
Exploits 0, References 3
CNNVD
added 2022/03/30 12:0 a.m., 2 views

SWHKD Link Following Vulnerability

SWHKD is a display protocol independent hotkey daemon made in Rust. A denial of service vulnerability exists in SWHKD version 1.1.5, which stems from the insecure use of the /tmp/swhks.pid pathname and can be exploited by an attacker to potentially cause a denial of service...

7.1 CVSS, 5.7 AI score, 0.00119 EPSS
Exploits 1, References 4
Cvelist
added 2022/03/29 11:21 p.m., 12 views

CVE-2022-27815

SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. There can be an information leak or denial of service...

7.7 AI score, 0.00103 EPSS
Exploits 1, References 3
CVE
added 2022/03/29 11:21 p.m., 85 views

CVE-2022-27815

Affected software: SWHKD 1.1.5 and older. Vulnerability: Unsafe use of the /tmp/swhkd.pid pathname can lead to information leakage or denial of service. The issue stems from placing the pid file in /tmp, which is world-accessible. Impact (as described): Information disclosure and denial of servic...

7.8 CVSS, 7.4 AI score, 0.00103 EPSS
Exploits 1, References 3, Affected Software 1
CNNVD
added 2022/03/29 12:0 a.m., 2 views

SWHKD Link Following Vulnerability

SWHKD is a display protocol independent hotkey daemon made in Rust. A security vulnerability exists in SWHKD version 1.1.5, which stems from the insecure use of the /tmp/swhkd.pid pathname, resulting in information disclosure or denial of service...

7.8 CVSS, 7.3 AI score, 0.00103 EPSS
Exploits 1, References 5
NVD
added 2022/03/18 11:15 a.m., 11 views

CVE-2021-22571

A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above...

5.5 CVSS, 0.00029 EPSS
Exploits 0, References 3
OSV
added 2022/03/18 11:15 a.m., 16 views

CVE-2021-22571

A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above...

5.5 CVSS, 6.3 AI score
Exploits 0, References 3
Prion
added 2022/03/18 11:15 a.m., 15 views

Design/Logic Flaw

A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above...

2.1 CVSS, 5.2 AI score, 0.00029 EPSS
Exploits 0, References 3, Affected Software 1
Cvelist
added 2022/03/18 11:5 a.m., 15 views

CVE-2021-22571 Information Leak in SA360-webquery-bigquery through read on /tmp

A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above...

5.5 CVSS, 5.5 AI score, 0.00029 EPSS
Exploits 0, References 3
Redos
added 2022/03/14 12:0 a.m., 57 views

ROS-20220314-01

Vulnerability in Mozilla Firefox browser, related to a logic error in iframe processing. Exploitation of the vulnerability could allow an attacker acting remotely and who has the ability to control the contents of an isolated iframe program environment, allow-popups, but not allow-scripts, could...

9.6 CVSS, 7.9 AI score, 0.00645 EPSS
Exploits 4
Veracode
added 2022/03/10 4:20 a.m., 52 views

Information Disclosure

Firefox is vulnerable to information disclosure. The vulnerability exists because the browser stores files in the /tmp folder, which is accessible by all local users...

6.5 CVSS, 2.5 AI score, 0.00363 EPSS
Exploits 1, References 5, Affected Software 6
CNVD
added 2022/03/10 12:0 a.m., 32 views

Mozilla Firefox Access Control Error Vulnerability (CNVD-2023-68217)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from an Access Control Error vulnerability that originates when the browser stores files in the /tmp folder, which is accessible to all local users. An attacker could use this...

4.3 CVSS, 6.6 AI score, 0.00363 EPSS
Exploits 1, Affected Software 2
OSV
added 2022/02/26 5:15 a.m., 1 view

UBUNTU-CVE-2022-24986

KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be created the first time could potentially intercept the file the following time, enabling that person to run unauthorized commands...

7.8 CVSS, 7 AI score, 0.00088 EPSS
Exploits 0, References 8
UbuntuCve
added 2022/01/10 12:0 a.m., 67 views

CVE-2021-3997

A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp...

5.5 CVSS, 7 AI score, 0.00022 EPSS
Exploits 1, References 2
UbuntuCve
added 2021/12/07 3:15 a.m., 12 views

CVE-2021-44512

World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory...

7 CVSS, 7 AI score, 0.00032 EPSS
Exploits 0, References 4
Github Security Blog
added 2021/11/23 5:54 p.m., 33 views

Improper file handling in concrete5/core

A bypass of adding remote files in the Concrete CMS (previously concrete5) File Manager leads to remote code execution in Concrete CMS (concrete5) versions 8.5.6 and below. The external file upload feature stages files in the public directory even if they have disallowed file extensions. They are stored ...

7.2 CVSS, 1.3 AI score, 0.0266 EPSS
Exploits 1, References 4, Affected Software 1
OpenVAS
added 2021/11/11 12:0 a.m., 19 views

Mozilla Firefox Security Advisory (MFSA2014-90) - Linux

This host is missing a security update for Mozilla Firefox. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; y...

2.1 CVSS, 6.6 AI score, 0.00085 EPSS
Exploits 0, References 3
NVD
added 2021/10/26 1:15 p.m., 14 views

CVE-2011-4119

caml-light <= 0.75 uses mktemp insecurely, and also does unsafe things in /tmp during make install...

9.8 CVSS, 0.00528 EPSS
Exploits 1, References 3
Prion
added 2021/10/26 1:15 p.m., 7 views

Code injection

caml-light <= 0.75 uses mktemp insecurely, and also does unsafe things in /tmp during make install...

7.5 CVSS, 7.1 AI score, 0.00528 EPSS
Exploits 1, References 3, Affected Software 1
CVE
added 2021/10/26 12:11 p.m., 38 views

CVE-2011-4119

CVE-2011-4119 affects caml-light

9.8 CVSS, 9.4 AI score, 0.00528 EPSS
Exploits 1, References 3, Affected Software 1