1098 matches found
PT-2026-3022
Name of the Vulnerable Software and Affected Versions: Omnispace Agora Project versions prior to 25.10. Description: A file upload issue exists in the Omnispace Agora Project. The issue allows authenticated users, and potentially guest users under certain conditions, to upload files via the...
MiracleLinux 3 : sudo-1.7.2p1-14.AXS3.3 (AXSA:2012-777:03)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-777:03 advisory. Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all...
MiracleLinux 9 : thunderbird-128.10.0-1.el9_6.ML.1 (AXSA:2025-10475:14)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10475:14 advisory. thunderbird: User Interface (UI) Misrepresentation of attachment URL (CVE-2025-3523); thunderbird: Information Disclosure of /tmp directory listing...
MiracleLinux 9 : socat-1.7.4.1-6.el9_6.1 (AXSA:2025-10632:02)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10632:02 advisory. socat: arbitrary file overwrite via predictable /tmp directory (CVE-2024-54661). Tenable has extracted the preceding description block directly from the...
MiracleLinux 9 : thunderbird-128.9.2-1.el9_5.ML.1 (AXSA:2025-9897:08)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9897:08 advisory. thunderbird: User Interface (UI) Misrepresentation of attachment URL (CVE-2025-3523); thunderbird: Information Disclosure of /tmp directory listing...
CVE-2018-10519
CMS Made Simple (CMSMS) 2.2.7 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the eff_uid value within $_COOKIE[$this->_loginkey] to equal 1, because files in the tmp/ directory are accessible through HTTP requests. NOTE: this vulnerability exists because o...
CVE-2016-10799
cPanel before 58.0.4 does not set the Pear tmp directory during a PHP installation (SEC-137)...
CVE-2025-67091
An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call. The script is executed with root privileges when triggered via the LuCI web interface or authenticated API cal...
CVE-2021-22571
A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above...
CVE-2025-67091
CVE-2025-67091 affects GL.iNet AX1800 firmware versions 4.6.4 and 4.6.8. The issue lies in the GL.iNet custom opkg wrapper script at /usr/libexec/opkg-call, which runs with root privileges when triggered via the LuCI web interface or authenticated API calls to manage packages. Vulnerable code u...
EUVD-2022-55937
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory with .dns.pid extension. Unauthenticated attackers can execute the malicious commands by making a single HTTP POST request to the...
EUVD-2022-55935
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the vulnerable ping.php script,...
CVE-2022-50795
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the traceroute.php script, which...
CVE-2022-50791
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the vulnerable ping.php script,...
PT-2025-54239
Name of the Vulnerable Software and Affected Versions: SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and earlier. Description: The software contains a conditional command injection issue. Local authenticated users can create malicious files in the /tmp directory. Unauthenticated attackers can execute...
SOUND4 multiple products: operating system command injection vulnerability
SOUND4 IMPACT and others are products of the French company SOUND4. SOUND4 IMPACT is a professional audio processor for broadcasting. SOUND4 FIRST is an audio processor for broadcasting. SOUND4 PULSE is an audio processor. An operating system command injection vulnerability exists in several SOUND4...
CVE-2018-25145
Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows authenticated attackers to download sensitive system configuration files. Attackers can retrieve configuration files from multiple directories including '/www', '/etc/mcli/', and '/tmp' to access syst...
Mattermost Desktop App security vulnerability
Mattermost Desktop App is a messaging desktop application from Mattermost USA. A security vulnerability exists in Mattermost Desktop App versions prior to 6.0.0, which stems from the failure to enable the hardened runtime when packaging for the Mac App Store, and could result in inheriting TCC...
CVE-2025-66384
app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmp_name...
Security Bulletin: Astronomer with IBM is vulnerable to arbitrary writes due to the tmp package (CVE-2025-54798)
Summary: Tmp is used by Astronomer with IBM as part of the file processing functionality. Vulnerability Details: CVEID: CVE-2025-54798. DESCRIPTION: tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory wri...