CVE-2014-5509

clipedit in the Clipboard module for Perl allows local users to delete arbitrary files via a symlink attack on /tmp/clipedit$$...

CVE-2014-4978

The rsfiltergraph function in librawstudio/rs-filter.c in rawstudio might allow local users to truncate arbitrary files via a symlink attack on 1 /tmp/rs-filter-graph.png or 2 /tmp/rs-filter-graph...

CVE-2017-15288

The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, and 2.12.x before 2.12.4 uses weak permissions for private files in /tmp/scala-devel/$USER:shared/scalac-compile-server-port, which allows local users to write to arbitrary class files and consequently gain privileges. Mitigati...

GHSA-WMJF-JPJJ-9F3J RuboCop gem Insecure use of /tmp

RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users...

RuboCop gem Insecure use of /tmp

RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users...

CVE-2017-15288

The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, and 2.12.x before 2.12.4 uses weak permissions for private files in /tmp/scala-devel/$USER:shared/scalac-compile-server-port, which allows local users to write to arbitrary class files and consequently gain privileges...

Phusion Passenger Denial of Service

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service prevent application start or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem...

CVE-2014-0047

Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage...

CVE-2014-0047

Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage...

Code injection

Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage...

CVE-2014-0047

CVE-2014-0047 affects Docker before 1.5, where local users can cause unspecified impact via vectors involving unsafe /tmp usage. The available connected documents confirm the vulnerable condition and local-privilege context but do not provide concrete exploitation details or a confirmed fix/versi...

CVE-2014-0047

Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage...

CVE-2014-0047

Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage...

Updated open-vm-tools packages fix security vulnerability

It was discovered that open-vm-tools has multiple /tmp race conditions in the libDeployPkg component, allowing an unprivileged local user in a guest to cause a denial of service through file system manipulation, or, possibly, increase privileges CVE-2015-5191...

chkrootkit: Local privilege escalation

Background chkrootkit is a tool to locally check for signs of a rootkit. Description When /tmp is mounted without the noexec option chkrootkit will execute files in /tmp with root privileges. Impact A local attacker could possibly execute arbitrary code with root privileges. Workaround Users shou...

CVE-2015-1590

The kamcmd administrative utility and default configuration in kamailio before 4.3.0 use /tmp/kamailioctl...

DEBIAN-CVE-2013-7426

Insecure Temporary file vulnerability in /tmp/kamailiofifo in kamailio 4.0.1...

CVE-2013-7426

The vulnerability CVE-2013-7426 affects kamailio 4.0.1, via insecure creation of /tmp/kamailio_fifo. Several connected sources corroborate an insecure temporary-file vulnerability in /tmp/kamailio_fifo, enabling manipulation of the file path. Notably, CNVD-2017-31584 describes a remote attacker e...

Fedora 25 : open-vm-tools (2017-4b4154d6f6)

Fix /tmp race conditions in libDeployPkg CVE-2015-5191. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

DEBIAN-CVE-2015-5191

VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H...