Lucene search
K

73 matches found

CNNVD
CNNVD
added 2023/08/30 12:0 a.m.5 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox, which originates from the possibility that the browsing environment may not be cleared when closing a private window under certain circumstances...

7.5CVSS7.5AI score0.00565EPSS
Exploits0References13
Prion
Prion
added 2023/08/08 1:15 a.m.30 views

Design/Logic Flaw

In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular program, under certain specific conditions memory might not be cleared up properly, due to which attacker might be able to get access to user credentials. For a successful attack, the attacker needs to...

1CVSS4.6AI score0.00107EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.5 views

PT-2023-4259 · Sap · Sap Businessobjects Business Intelligence

Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence version 420 Description: The issue is related to insufficient protection of internal data in SAP BusinessObjects Business Intelligence. Under specific conditions, when a user logs in to a particular...

4.4CVSS7AI score0.00107EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/06/17 12:0 a.m.1 views

PT-2023-8971

Name of the Vulnerable Software and Affected Versions shadow-utils affected versions not specified Description A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the...

5.5CVSS6.8AI score0.00428EPSS
Exploits1References82
Positive Technologies
Positive Technologies
added 2023/04/21 12:0 a.m.9 views

PT-2023-22093 · Unknown · @Fastify/Csrf-Protection +1

Name of the Vulnerable Software and Affected Versions: @fastify/passport versions prior to the version that includes the configuration options clearSessionOnLogin and clearSessionIgnoreFields Description: The CSRF protection enforced by the @fastify/csrf-protection library, when combined with...

6.5CVSS6.5AI score0.00384EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.2 views

SUSE CVE-2005-3180

The Orinoco driver orinoco.c in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information...

5CVSS6.7AI score0.03542EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.3 views

SUSE CVE-2011-1162

The tpmread function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command...

2.1CVSS6.3AI score0.00364EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.3 views

SUSE CVE-2019-20637

An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the...

7.5CVSS7.5AI score0.01746EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:54 a.m.3 views

SUSE CVE-2020-24586

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received fragments be cleared from memory after reconnecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using...

4.7CVSS7.7AI score0.05765EPSS
Exploits2References32
OSV
OSV
added 2022/11/14 9:15 p.m.5 views

CVE-2022-28764

The Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting...

3.3CVSS5.8AI score0.00268EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/11/14 12:0 a.m.5 views

Zoom Client 信息泄露漏洞

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. An information disclosure vulnerability exists in Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows versions prior to 5.12.6, which stems from failing to clear data from a loc...

3.3CVSS5AI score0.00268EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/04/14 12:0 a.m.5 views

Johnson Controls Metasys ADS/ADX/OAS Servers 安全漏洞

Johnson Controls Metasys ADS/ADX/OAS Servers are an application and data server from Johnson Controls, Inc. A security vulnerability exists in Johnson Controls Metasys ADS/ADX/OAS Servers that stems from the fact that under certain circumstances, session tokens are not cleared upon logout...

9.8CVSS8.3AI score0.00997EPSS
Exploits0References6
OSV
OSV
added 2021/05/11 8:15 p.m.2 views

DEBIAN-CVE-2020-24586

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received fragments be cleared from memory after reconnecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using...

3.5CVSS6.8AI score0.05765EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added 2020/12/17 4:24 p.m.3 views

chromium-browser: Uninitialized Use in V8

The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...

6.5CVSS7.2AI score0.00891EPSS
Exploits0References5
CNVD
CNVD
added 2020/06/22 12:0 a.m.3 views

Unspecified Vulnerability in Mattermost Mobile Apps (CNVD-2020-35186)

Mattermost Mobile Apps is a messaging mobile application from Mattermost USA. A security vulnerability exists in Mattermost Mobile Apps prior to version 1.26.0, which can be exploited by an attacker to obtain sensitive information due to the program's failure to clear cookie data after a user log...

5.3CVSS6.4AI score0.00901EPSS
Exploits0References1
OSV
OSV
added 2020/04/08 11:15 p.m.4 views

UBUNTU-CVE-2019-20637

An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the...

7.5CVSS7.1AI score0.01746EPSS
Exploits0References5
CNVD
CNVD
added 2018/05/16 12:0 a.m.3 views

Arris Touchstone Telephony Gateway TG1682G Privileged Access Vulnerability

The Arris Touchstone Telephony Gateway TG1682G is an all-in-one Modem modem router from the Arris Group of Companies. A security vulnerability exists in the Arris Touchstone Telephony Gateway TG1682G version 9.1.103J6, which stems from a logout operation that fails to immediately clear all state ...

8CVSS8AI score0.01073EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/25 12:0 a.m.6 views

Google Android has an unspecified vulnerability (CNVD-2018-10121)

Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA, and Qualcomm FSM9055 and other central processing unit CPU products from Qualcomm for different platforms. A security vulnerability exists in the Qualcomm closed-source component ...

10CVSS6.8AI score0.01252EPSS
Exploits0References1
OSV
OSV
added 2017/09/18 8:29 p.m.14 views

USN-3422-1 linux vulnerabilities

It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the asynchronous I/O aio...

8CVSS7.8AI score0.16181EPSS
Exploits17References19
CNVD
CNVD
added 2017/08/28 12:0 a.m.8 views

Linux Kernel 'drivers/acpi/acpica/psobject.c' Local Information Disclosure Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local information disclosure vulnerability exists in the 'acpipscompletefinalop' function in the drivers/acpi/acpica/psobject.c file in Linux kernel 4.12.9 and earlier, whic...

5.5CVSS5.8AI score0.00408EPSS
Exploits0References1
Rows per page
Query Builder