Filtered by CWE-668
Filtered by vendor Subscriptions
Total 648 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-9550 1 Totolink 16 A850r-v1, A850r-v1 Firmware, F1-v2 and 13 more 2024-11-21 7.5 High
An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface.
CVE-2015-10004 1 Json Web Token Project 1 Json Web Token 2024-11-21 7.5 High
Token validation methods are susceptible to a timing side-channel during HMAC comparison. With a large enough number of requests over a low latency connection, an attacker may use this to determine the expected HMAC.
CVE-2014-2387 3 Debian, Opensuse, Pen Project 3 Debian Linux, Opensuse, Pen 2024-11-21 4.4 Medium
Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities
CVE-2014-0023 1 Redhat 1 Openshift 2024-11-21 7.8 High
OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution
CVE-2013-4561 1 Redhat 1 Openshift 2024-11-21 9.1 Critical
In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.
CVE-2013-4480 2 Redhat, Suse 5 Network Satellite, Satellite, Satellite With Embedded Oracle and 2 more 2024-11-21 N/A
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.
CVE-2013-4374 1 Redhat 2 Jboss Operations Network, Rhq Mongo Db Drift Server 2024-11-21 7.1 High
An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files.
CVE-2013-4280 1 Redhat 3 Enterprise Virtualization, Storage, Virtual Desktop Server Manager 2024-11-21 5.5 Medium
Insecure temporary file vulnerability in RedHat vsdm 4.9.6.
CVE-2013-4253 1 Redhat 1 Openshift 2024-11-21 7.5 High
The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user's authorized_keys file.
CVE-2013-2183 1 Monkey-project 1 Monkey 2024-11-21 7.1 High
Monkey HTTP Daemon has local security bypass
CVE-2013-0163 1 Redhat 1 Openshift 2024-11-21 5.5 Medium
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS
CVE-2012-5639 3 Apache, Debian, Libreoffice 3 Openoffice, Debian Linux, Libreoffice 2024-11-21 6.5 Medium
LibreOffice and OpenOffice automatically open embedded content
CVE-2012-1846 1 Google 1 Chrome 2024-11-21 N/A
Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a sandboxed process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. NOTE: the primary affected product may be clarified later; it was not identified by the researcher, who reportedly stated "it really doesn't matter if it's third-party code."
CVE-2011-1960 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2024-11-21 N/A
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclosure Vulnerability."
CVE-2011-1258 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2024-11-21 N/A
Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "Drag and Drop Information Disclosure Vulnerability."
CVE-2009-5042 2 Debian, Python-docutils Project 2 Debian Linux, Python-docutils 2024-11-21 9.1 Critical
python-docutils allows insecure usage of temporary files
CVE-2008-7291 2 Debian, Gri Project 2 Debian Linux, Gri 2024-11-21 9.8 Critical
gri before 2.12.18 generates temporary files in an insecure way.
CVE-2008-2544 1 Linux 1 Linux Kernel 2024-11-21 5.5 Medium
Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise.
CVE-2007-3915 1 Mandriva 1 Mondo 2024-11-21 9.1 Critical
Mondo 2.24 has insecure handling of temporary files.
CVE-2005-2351 2 Debian, Mutt 2 Debian Linux, Mutt 2024-11-21 5.5 Medium
Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.