Steve Kemp

#1557of 53,632
144Total CVSS
Vulnerabilities · 26
Low
6
Medium
10
High
10
PT-2019-7086
4.6
2019-12-13
Pen · Pen · CVE-2014-2387
**Name of the Vulnerable Software and Affected Versions** Pen version 0.18.0 **Description** The issue is related to Insecure Temporary File Creation. **Recommendations** For Pen version 0.18.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2019-7124
7.0
2019-11-21
Xcfa · Xcfa · CVE-2014-5255
**Name of the Vulnerable Software and Affected Versions** xcfa versions prior to 5.0.1 **Description** The issue allows local users to launch a symlink attack and overwrite arbitrary files due to insecure creation of temporary files. **Recommendations** For versions prior to 5.0.1, update to version 5.0.1 or later to resolve the issue.
PT-2019-7123
4.7
2019-11-21
Xcfa · Xcfa · CVE-2014-5254
**Name of the Vulnerable Software and Affected Versions** xcfa versions prior to 5.0.1 **Description** The issue allows local users to launch a symlink attack and overwrite arbitrary files due to insecure creation of temporary files. **Recommendations** For versions prior to 5.0.1, update to version 5.0.1 or later to resolve the issue.
PT-2018-4221
5.5
2018-07-20
Scheme 48 · Scheme 48 · CVE-2014-4150
**Name of the Vulnerable Software and Affected Versions** Scheme 48 (affected versions not specified) **Description** The issue allows local users to write to arbitrary files via a symlink attack on /tmp/s48lose.tmp, specifically through the scheme48-send-definition function in cmuscheme48.el. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2017-7467
5.5
2017-06-27
Stalin · Stalin · CVE-2015-8697
**Name of the Vulnerable Software and Affected Versions** stalin versions 0.11-5 **Description** The issue allows local users to write to arbitrary files. **Recommendations** For stalin versions 0.11-5, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2014-3214
4.9
2014-05-08
Gnu · Gnu Rush · CVE-2013-6889
**Name of the Vulnerable Software and Affected Versions** GNU Rush version 1.7 **Description** The issue allows local users to read arbitrary files due to improper privilege handling. This is achieved via the --lint option. **Recommendations** For GNU Rush version 1.7, consider restricting access to the --lint option until a proper fix is applied to ensure that privileges are dropped correctly.
PT-2014-5311
3.3
2014-05-08
Free Software Foundation · Gnu Emacs · CVE-2014-3424
**Name of the Vulnerable Software and Affected Versions** GNU Emacs versions 24.3 and earlier **Description** The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary file in /tmp/tramp.#####. **Recommendations** For GNU Emacs versions 24.3 and earlier, consider updating to a version that contains a fix for this issue, as using a version prior to the fixed one poses a risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2014-5310
3.3
2014-05-08
Gnu · Gnu Emacs · CVE-2014-3423
**Name of the Vulnerable Software and Affected Versions** GNU Emacs versions 24.3 and earlier **Description** The issue allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic temporary file. **Recommendations** For GNU Emacs versions 24.3 and earlier, consider updating to a version later than 24.3 to resolve the issue.
PT-2014-5309
3.3
2014-05-08
Gnu · Gnu Emacs · CVE-2014-3422
**Name of the Vulnerable Software and Affected Versions** GNU Emacs versions prior to 24.4 **Description** The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/. **Recommendations** For GNU Emacs versions prior to 24.4, update to version 24.4 or later to resolve the issue.
PT-2014-5308
3.3
2014-05-08
Gnu · Gnu Emacs · CVE-2014-3421
**Name of the Vulnerable Software and Affected Versions** GNU Emacs versions 24.3 and earlier **Description** The issue allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file. This is related to the lisp/gnus/gnus-fun.el component. **Recommendations** For GNU Emacs versions 24.3 and earlier, update to a version later than 24.3 to resolve the issue.
PT-2012-3989
5.0
2012-08-13
Bytemark · Bytemark Symbiosis · CVE-2012-2368
**Name of the Vulnerable Software and Affected Versions** Bytemark Symbiosis versions prior to Revision 1322 **Description** The issue allows remote attackers to gain access to email accounts using an arbitrary password due to improper password validation. **Recommendations** For versions prior to Revision 1322, update to Revision 1322 or later to resolve the issue.
PT-2008-1031
7.2
2008-11-26
Debian · Hf · CVE-2008-2378
**Name of the Vulnerable Software and Affected Versions** hf versions 0.7.3 through 0.8 **Description** The issue concerns multiple vulnerabilities in the hf package of the Debian GNU/Linux operating system, which can be exploited by a local attacker to compromise the confidentiality, integrity, and availability of protected information. A specific vulnerability exists in the hfkernel, where improper handling of the -k option allows local users to gain privileges via a Trojan horse killall program in a directory in the PATH. **Recommendations** For versions 0.7.3 through 0.8, consider restricting access to the killall program to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the -k option in the hfkernel until the issue is resolved.
PT-2008-3408
2.1
2008-04-17
Tss · Tss · CVE-2008-1877
**Name of the Vulnerable Software and Affected Versions** tss version 0.8.1 **Description** The issue allows local users to read arbitrary files. This is achieved via the `-a` parameter, which is processed while tss is running with privileges. **Recommendations** For version 0.8.1, avoid using the `-a` parameter until a fix is available. As a temporary workaround, consider restricting the privileges under which tss runs to minimize the risk of exploitation.
PT-2008-1039
7.2
2008-03-04
Xwine · Xwine · CVE-2008-0930
**Name of the Vulnerable Software and Affected Versions** XWine version 1.0.1 **Description** The issue allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file, potentially leading to disruption of confidentiality, integrity, and availability of protected information. This can be exploited by a local attacker. **Recommendations** For XWine version 1.0.1, consider restricting access to the temporaire temporary file to prevent symlink attacks until a patch is available. Additionally, monitor file system activity for suspicious behavior. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2007-5140
6.0
2007-10-28
Xen · Xen · CVE-2007-3919
Name of the Vulnerable Software and Affected Versions: Xen versions 3.1 and earlier Description: The issue allows local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm, which is related to xenbaked and xenmon.py. Recommendations: For Xen versions 3.1 and earlier, consider restricting access to the /tmp/xenq-shm file to prevent symlink attacks until a patch is available. As a temporary workaround, consider disabling the xenmon.py script until a patch is available. Avoid using xenbaked and xenmon.py in Xen versions 3.1 and earlier until the issue is resolved.
PT-2007-4146
7.2
2007-07-05
Gfax · Gfax · CVE-2007-2839
**Name of the Vulnerable Software and Affected Versions** gfax versions 0.4.2 and probably other versions **Description** The issue allows local users to execute arbitrary commands via unknown vectors due to insecure creation of temporary files. **Recommendations** For version 0.4.2 and probably other versions, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2007-1016
7.2
2007-07-03
Gsambad · Gsambad · CVE-2007-2838
Name of the Vulnerable Software and Affected Versions: GSAMBAD version 0.1.4 Description: The issue allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file. This can lead to disruption of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be carried out by a local attacker. Recommendations: For GSAMBAD version 0.1.4, consider restricting access to the `populate conns` function in src/populate conns.c to minimize the risk of exploitation. As a temporary workaround, avoid using the /tmp/gsambadtmp temporary file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2005-4331
7.5
2005-12-31
Petris · Petris · CVE-2005-3540
**Name of the Vulnerable Software and Affected Versions** petris versions prior to 1.0.1 **Description** The issue allows remote attackers to execute arbitrary code. This is due to a buffer overflow. **Recommendations** For versions prior to 1.0.1, update to version 1.0.1 or later to resolve the issue.
PT-2005-4326
7.5
2005-12-27
Ketm · Ketm · CVE-2005-3535
**Name of the Vulnerable Software and Affected Versions** KETM version 0.0.6 **Description** A buffer overflow issue allows local users to execute arbitrary code. The exact vectors used for exploitation are not specified. **Recommendations** For KETM version 0.0.6, at the moment, there is no information about a newer version that contains a fix for this issue.
PT-2005-3949
5.0
2005-10-30
Gnu · Gnump3D · CVE-2005-3123
**Name of the Vulnerable Software and Affected Versions** GNUMP3D versions prior to 2.9.6 **Description** A directory traversal issue allows remote attackers to read arbitrary files by providing crafted sequences, such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed. **Recommendations** For versions prior to 2.9.6, update to version 2.9.6 or later to resolve the issue.