Creating and using insecure temporary files can leave application and system data vulnerable to attack.
93 vulnerabilities with CWE-377
CVE-2018-19637
LOW
Supportutils <3.1-5.7.1 - Info Disclosure
CVSS 2.8
CVE-2018-6706
HIGH
McAfee Agent <5.0.7 - Info Disclosure
CVSS 7.5
CVE-2018-6705
HIGH
McAfee Agent 5.0.0-5.0.6 5.5.0 5.5.1 - Privilege Escalation via Insecure Temporary File
CVSS 7.8
CVE-2018-6704
HIGH
McAfee Agent 5.0.0-5.0.6 5.5.0 5.5.1 - Privilege Escalation via Insecure Temporary File
CVSS 7.8
CVE-2018-3710
HIGH
GitLab 8.9.0-9.5.9 - Remote Code Execution via Insecure Temporary File in Project Import
CVSS 7.8
CVE-2018-1053
HIGH
PostgreSQL 9.3.0-9.3.20, 9.4.0-9.4.15, 9.5.0-9.5.10, 9.6.0-9.6.6, 10.0-10.1 - Insecure Temporary File Permissions
CVSS 7.0
CVE-2017-20147
MEDIUM
smokeping < 2.7.3-r1 - Denial of Service via PID File Manipulation
CVSS 6.5
CVE-2017-16024
MEDIUM
sync-exec < 0.6.2 - Insecure Temporary File
CVSS 6.5
CVE-2017-15111
MEDIUM
keycloak-httpd-client-install < 0.8 - Insecure Temporary File via Symbolic Link
CVSS 5.5
CVE-2017-7549
MEDIUM
Red Hat OpenStack - Symbolic-Link Attack
CVSS 6.4
CVE-2017-7560
MEDIUM
rhnsd - Insecure Temporary File Permissions
CVSS 5.5
CVE-2016-9595
HIGH
Katello < 3.4.0 - Insecure Temporary File Handling
CVSS 7.3
CVE-2015-0849
LOW
pycode-browser <1.0 - Info Disclosure
CVSS 3.9
CVE-2015-5224
CRITICAL
util-linux < 2.26.2 - Insecure Temporary File via mkostemp Function
CVSS 9.8
CVE-2013-4253
HIGH
Red Hat OpenShift 1 - Insecure Default SSH Key in OpenShift Extras Deployment Script
CVSS 7.5
CVE-2013-4561
CRITICAL
OpenShift - Insecure Temporary File Handling in Mcollective Facts Update Cron Job
CVSS 9.1
CVE-2012-2666
CRITICAL
golang/go <1.0.2 - Code Injection
CVSS 9.8
CVE-2011-4119
CRITICAL
caml-light <= 0.75 - Buffer Overflow
CVSS 9.8
Details
Vulnerabilities
93