CWE-379 · Creation of Temporary File in Directory with Insecure Permissions
53 CVEs classified under CWE-379 (Creation of Temporary File in Directory with Insecure Permissions). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-32438 | High | 8.8 | 2025-04-15 | make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable e… |
CVE-2025-27148 | High | 8.8 | 2025-02-25 | Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory ca… |
CVE-2023-49797 | High | 8.8 | 2023-12-09 | PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may… |
CVE-2021-29428 | High | 8.8 | 2021-04-13 | In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and… |
CVE-2024-9500 | High | 7.8 | 2024-11-15 | A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges t… |
CVE-2023-3181 | High | 7.8 | 2024-01-25 | The C:\Program Files (x86)\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Temp~nsu.tmp and copies itself to it as Au_.e… |
CVE-2023-3972 | High | 7.8 | 2023-11-01 | A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and director… |
CVE-2023-37243 | High | 7.8 | 2023-10-31 | The C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe file is automatically launched as SYSTEM when the system reboots. Since the C:\Wi… |
CVE-2023-26396 | High | 7.8 | 2023-04-12 | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrec… |
CVE-2023-21612 | High | 7.8 | 2023-01-18 | Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Creation of Temporary Fil… |
CVE-2023-21611 | High | 7.8 | 2023-01-18 | Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Creation of Temporary Fil… |
CVE-2021-21100 | High | 7.8 | 2021-04-15 | Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker… |
CVE-2021-28613 | High | 7.4 | 2021-09-27 | Adobe Creative Cloud Desktop Application version 5.4 (and earlier) is affected by a file handling vulnerability that could allow an attacker to arbitrarily ove… |
CVE-2025-21173 | High | 7.3 | 2025-01-14 | .NET Elevation of Privilege Vulnerability |
CVE-2021-40708 | High | 7.3 | 2021-09-29 | Adobe Genuine Service versions 7.3 (and earlier) are affected by a privilege escalation vulnerability in the AGSService installer. An authenticated attacker co… |
CVE-2024-24693 | High | 7.2 | 2024-03-13 | Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service… |
CVE-2025-10279 | High | 7.0 | 2026-02-02 | In mlflow version 2.20.3, the temporary directory used for creating Python virtual environments is assigned insecure world-writable permissions (0o777). This v… |
CVE-2025-71176 | Medium | 6.8 | 2026-01-22 | pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-{user} name pattern, which allows local users to cause a denial of service or possib… |
CVE-2026-42191 | Medium | 6.5 | 2026-05-12 | OpenTelemetry.Exporter.OpenTelemetryProtocol is the OTLP (OpenTelemetry Protocol) exporter implementation. From 1.8.0 to 1.15.2, the OTLP disk retry feature in… |
CVE-2021-39827 | Medium | 6.5 | 2021-09-27 | Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated at… |