CVE-2014-1624

EPSS 0.05% · P14 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-1624

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the get_runtime_dir function is called.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

python-xdg‘xdg.BaseDirectory.get_runtime_dir’函数竞争条件漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

python-xdg是一个用于访问freedesktop.org的Python库标准。 python-xdg 0.25版本中的‘xdg.BaseDirectory.get_runtime_dir’函数中存在竞争条件漏洞，该漏洞源于程序以不安全的方式创建‘/tmp/pyxdg-runtime-dir-fallback-victim’临时文件。本地攻击者可通过实施符号链接攻击利用该漏洞覆盖任意文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2014-1624

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2014-1624

请登录查看更多情报信息。

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736247x_refsource_MISC
http://www.securityfocus.com/bid/65042vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/90618vdb-entryx_refsource_XF
http://www.openwall.com/lists/oss-security/2014/01/21/3mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2014/01/21/4mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2014-1624

Same Patch Batch · n/a · 2014-01-28 · 13 CVEs total

CVE-2012-5192		Bitweaver‘overlay_type’参数目录遍历漏洞
CVE-2013-6838		Enghouse Interactive IVR Pro 加密问题漏洞
CVE-2013-7135		CPanel CPAN ‘Proc::Daemon’模块不安全文件权限漏洞
CVE-2014-0647		Starbucks 信任管理漏洞
CVE-2014-1604		RPLY 安全漏洞
CVE-2014-1638		localepurge 安全漏洞
CVE-2014-1639		syncevolution 安全漏洞
CVE-2014-1640		axiom 安全漏洞
CVE-2013-6649		Google Chrome Blink 释放后重用漏洞
CVE-2013-6650		Google Chrome‘StoreBuffer::ExemptPopularPages’函数内存损坏漏洞
CVE-2014-1681		Google Chrome 安全漏洞
CVE-2013-5094		McAfee Vulnerability Manager 跨站脚本漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2014-1624

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2014-1624

I. Basic Information for CVE-2014-1624

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2014-1624

III. Intelligence Information for CVE-2014-1624

Same Patch Batch · n/a · 2014-01-28 · 13 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2014-1624

Leave a comment