| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval. |
| mediawiki allows deleted text to be exposed |
| Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword. |
| hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which allows remote attackers to read private files via a direct request. |
| tog-Pegasus has a package hash collision DoS vulnerability |
| cobbler has local privilege escalation via the use of insecure location for PYTHON_EGG_CACHE |
| cobbler: Web interface lacks CSRF protection when using Django framework |
| Joomla! 1.7.1 has core information disclosure due to inadequate error checking. |
| gpw generates shorter passwords than required |
| mpack 1.6 has information disclosure via eavesdropping on mails sent by other users |
| A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured. |
| simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages. |
| Tiki 8.2 and earlier allows remote administrators to execute arbitrary PHP code via crafted input to the regexres and regex parameters. |
| Shaman 1.0.9: Users can add the line askforpwd=false to his shaman.conf file, without entering the root password in shaman. The next time shaman is run, root privileges are granted despite the fact that the user never entered the root password. |
| websitebaker prior to and including 2.8.1 has an authentication error in backup module. |
| The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles. |
| A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 (for 2.1) and before version 2.3. |
| Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to anywhere. |
| The Batch::BatchRun module 1.03 for Perl does not properly handle temporary files. |
| Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files. |
