Total
202 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-16539 | 4 Artifex, Canonical, Debian and 1 more | 10 Ghostscript, Ubuntu Linux, Debian Linux and 7 more | 2024-11-21 | N/A |
| In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. | ||||
| CVE-2018-16494 | 1 Versa-networks | 1 Versa Operating System | 2024-11-21 | 8.8 High |
| In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or execution of newly created files and directories. Insecure umask setting was present throughout the Versa servers. | ||||
| CVE-2017-16024 | 2 Nodejs, Sync-exec Project | 2 Node.js, Sync-exec | 2024-11-21 | N/A |
| The sync-exec module is used to simulate child_process.execSync in node versions <0.11.9. Sync-exec uses tmp directories as a buffer before returning values. Other users on the server have read access to the tmp directory, possibly allowing an attacker on the server to obtain confidential information from the buffer/tmp file, while it exists. | ||||
| CVE-2017-15111 | 2 Keycloak-httpd-client-install Project, Redhat | 2 Keycloak-httpd-client-install, Enterprise Linux | 2024-11-21 | N/A |
| keycloak-httpd-client-install versions before 0.8 insecurely creates temporary file allowing local attackers to overwrite other files via symbolic link. | ||||
| CVE-2017-0367 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | N/A |
| Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having LocalisationCache directory default to system tmp directory is insecure. | ||||
| CVE-2016-9595 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Katello | 2024-11-21 | N/A |
| A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files. | ||||
| CVE-2014-3701 | 1 Redhat | 2 Edeploy, Jboss Enterprise Web Server | 2024-11-21 | 8.1 High |
| eDeploy has tmp file race condition flaws | ||||
| CVE-2014-1859 | 3 Fedoraproject, Numpy, Redhat | 3 Fedora, Numpy, Enterprise Linux | 2024-11-21 | N/A |
| (1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2014-1858 | 1 Numpy | 1 Numpy | 2024-11-21 | N/A |
| __init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2014-0023 | 1 Redhat | 1 Openshift | 2024-11-21 | 7.8 High |
| OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution | ||||
| CVE-2013-4561 | 1 Redhat | 1 Openshift | 2024-11-21 | 9.1 Critical |
| In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity. | ||||
| CVE-2013-4374 | 1 Redhat | 2 Jboss Operations Network, Rhq Mongo Db Drift Server | 2024-11-21 | 7.1 High |
| An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files. | ||||
| CVE-2013-4364 | 1 Redhat | 1 Openshift | 2024-11-21 | N/A |
| (1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp. | ||||
| CVE-2013-0165 | 1 Redhat | 1 Openshift | 2024-11-21 | 7.3 High |
| cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp. | ||||
| CVE-2013-0163 | 1 Redhat | 1 Openshift | 2024-11-21 | 5.5 Medium |
| OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS | ||||
| CVE-2012-2666 | 1 Golang | 1 Go | 2024-11-21 | 9.8 Critical |
| golang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym/pclntab_test.go creates a temporary file with predicable name and executes it as shell script. | ||||
| CVE-2011-4119 | 1 Inria | 1 Caml-light | 2024-11-21 | 9.8 Critical |
| caml-light <= 0.75 uses mktemp() insecurely, and also does unsafe things in /tmp during make install. | ||||
| CVE-2011-2924 | 3 Debian, Fedoraproject, Linuxfoundation | 3 Debian Linux, Fedora, Foomatic-filters | 2024-11-21 | 5.5 Medium |
| foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. | ||||
| CVE-2011-2923 | 2 Debian, Linuxfoundation | 2 Debian Linux, Foomatic-filters | 2024-11-21 | 5.5 Medium |
| foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. | ||||
| CVE-2005-2351 | 2 Debian, Mutt | 2 Debian Linux, Mutt | 2024-11-20 | 5.5 Medium |
| Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files. | ||||