1124 matches found

Cvelist
added 2022/03/29 11:21 p.m., 33 views

CVE-2022-27815

SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. There can be an information leak or denial of service...

7.7 AI score, 0.00506 EPSS
Exploits 1, References 3
CNNVD
added 2022/03/29 12:0 a.m., 5 views

SWHKD Link Following Vulnerability

SWHKD is a display protocol independent hotkey daemon made in Rust. A security vulnerability exists in SWHKD version 1.1.5, which stems from the insecure use of the /tmp/swhkd.pid pathname, resulting in information disclosure or denial of service...

7.8 CVSS, 7.3 AI score, 0.00506 EPSS
Exploits 1, References 5
OSV
added 2022/03/18 11:15 a.m., 20 views

CVE-2021-22571

A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above...

5.5 CVSS, 6.3 AI score
Exploits 0, References 3
NVD
added 2022/03/18 11:15 a.m., 28 views

CVE-2021-22571

A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above...

5.5 CVSS, 0.00196 EPSS
Exploits 0, References 3
Prion
added 2022/03/18 11:15 a.m., 17 views

Design/Logic Flaw

A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above...

2.1 CVSS, 5.2 AI score, 0.00196 EPSS
Exploits 0, References 3, Affected Software 1
Cvelist
added 2022/03/18 11:5 a.m., 28 views

CVE-2021-22571 Information Leak in SA360-webquery-bigquery through read on /tmp

A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above...

5.5 CVSS, 5.5 AI score, 0.00196 EPSS
Exploits 0, References 3
Redos
added 2022/03/14 12:0 a.m., 58 views

ROS-20220314-01

Vulnerability in the Mozilla Firefox browser, related to a logic error in iframe processing. Exploitation of the vulnerability could allow an attacker acting remotely and who has the ability to control the contents of an isolated iframe program environment, allow-popups, but not allow-scripts, could...

9.6 CVSS, 7.9 AI score, 0.00931 EPSS
Exploits 4
Veracode
added 2022/03/10 4:20 a.m., 53 views

Information Disclosure

Firefox is vulnerable to information disclosure. The vulnerability exists because the browser stores files in the /tmp folder, which is accessible by all local users...

6.5 CVSS, 2.5 AI score, 0.0068 EPSS
Exploits 1, References 5, Affected Software 6
CNVD
added 2022/03/10 12:0 a.m., 34 views

Mozilla Firefox Access Control Error Vulnerability (CNVD-2023-68217)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from an Access Control Error vulnerability that originates when the browser stores files in the /tmp folder, which is accessible to all local users. An attacker could use this...

4.3 CVSS, 6.6 AI score, 0.0068 EPSS
Exploits 1, Affected Software 2
OSV
added 2022/02/26 5:15 a.m., 3 views

UBUNTU-CVE-2022-24986

KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be created the first time could potentially intercept the file the following time, enabling that person to run unauthorized commands...

7.8 CVSS, 7 AI score, 0.00249 EPSS
Exploits 0, References 8
UbuntuCve
added 2022/01/10 12:0 a.m., 68 views

CVE-2021-3997

A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp...

5.5 CVSS, 7 AI score, 0.01561 EPSS
Exploits 1, References 2
UbuntuCve
added 2021/12/07 3:15 a.m., 14 views

CVE-2021-44512

World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory...

7 CVSS, 7 AI score, 0.00254 EPSS
Exploits 0, References 4
Github Security Blog
added 2021/11/23 5:54 p.m., 35 views

Improper file handling in concrete5/core

A bypass of adding remote files in the Concrete CMS (previously concrete5) File Manager leads to remote code execution in Concrete CMS (concrete5) versions 8.5.6 and below. The external file upload feature stages files in the public directory even if they have disallowed file extensions. They are stored ...

7.2 CVSS, 1.3 AI score, 0.03132 EPSS
Exploits 1, References 4, Affected Software 1
OpenVAS
added 2021/11/11 12:0 a.m., 20 views

Mozilla Firefox Security Advisory (MFSA2014-90) - Linux

This host is missing a security update for Mozilla Firefox. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; y...

2.1 CVSS, 6.6 AI score, 0.00304 EPSS
Exploits 0, References 3
NVD
added 2021/10/26 1:15 p.m., 16 views

CVE-2011-4119

caml-light = 0.75 uses mktemp insecurely, and also does unsafe things in /tmp during make install...

9.8 CVSS, 0.01831 EPSS
Exploits 1, References 3
Prion
added 2021/10/26 1:15 p.m., 10 views

Code injection

caml-light = 0.75 uses mktemp insecurely, and also does unsafe things in /tmp during make install...

7.5 CVSS, 7.1 AI score, 0.01831 EPSS
Exploits 1, References 3, Affected Software 1
CVE
added 2021/10/26 12:11 p.m., 41 views

CVE-2011-4119

CVE-2011-4119 affects caml-light

9.8 CVSS, 9.4 AI score, 0.01831 EPSS
Exploits 1, References 3, Affected Software 1
OSV
added 2021/09/09 6:15 p.m., 5 views

CVE-2021-28911

BAB TECHNOLOGIE GmbH eibPort V3 prior to version 3.9.1 allows unauthenticated attackers access to the /tmp path, which contains some sensitive data, e.g. the device serial number. With that information, a possible loginId can be self-calculated in a brute force attack against the BMX interface. This is usable and part...

9.8 CVSS, 5.8 AI score, 0.01653 EPSS
Exploits 0, References 1
CVE
added 2021/09/09 5:45 p.m., 53 views

CVE-2021-28911

CVE-2021-28911 concerns BAB TECHNOLOGIE GmbH eibPort V3 prior to 3.9.1. The vulnerability allows unauthenticated access to the /tmp directory that may contain sensitive data such as the device serial number. With that information, a loginId can be brute-forced against the BMX interface, forming a...

10 CVSS, 9.4 AI score, 0.01653 EPSS
Exploits 0, References 1, Affected Software 1
CNNVD
added 2021/09/09 12:0 a.m., 5 views

BAB TECHNOLOGIE GmbH eibPort Security Vulnerability

BAB TECHNOLOGIE GmbH eibPort is an application from BAB TECHNOLOGIE GmbH, Germany, for managing smart furniture devices. A security vulnerability exists in BAB TECHNOLOGIE GmbH eibPort V3, which stems from a vulnerability in versions prior to 3.9.1 that...

10 CVSS, 8.2 AI score, 0.01653 EPSS
Exploits 0, References 2