73 matches found
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox, which originates from the possibility that the browsing environment may not be cleared when closing a private window under certain circumstances...
Design/Logic Flaw
In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular program, under certain specific conditions memory might not be cleared up properly, due to which attacker might be able to get access to user credentials. For a successful attack, the attacker needs to...
PT-2023-4259 · Sap · Sap Businessobjects Business Intelligence
Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence version 420 Description: The issue is related to insufficient protection of internal data in SAP BusinessObjects Business Intelligence. Under specific conditions, when a user logs in to a particular...
PT-2023-8971
Name of the Vulnerable Software and Affected Versions shadow-utils affected versions not specified Description A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the...
PT-2023-22093 · Unknown · @Fastify/Csrf-Protection +1
Name of the Vulnerable Software and Affected Versions: @fastify/passport versions prior to the version that includes the configuration options clearSessionOnLogin and clearSessionIgnoreFields Description: The CSRF protection enforced by the @fastify/csrf-protection library, when combined with...
SUSE CVE-2005-3180
The Orinoco driver orinoco.c in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information...
SUSE CVE-2011-1162
The tpmread function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command...
SUSE CVE-2019-20637
An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the...
SUSE CVE-2020-24586
The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received fragments be cleared from memory after reconnecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using...
CVE-2022-28764
The Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting...
Zoom Client 信息泄露漏洞
Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. An information disclosure vulnerability exists in Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows versions prior to 5.12.6, which stems from failing to clear data from a loc...
Johnson Controls Metasys ADS/ADX/OAS Servers 安全漏洞
Johnson Controls Metasys ADS/ADX/OAS Servers are an application and data server from Johnson Controls, Inc. A security vulnerability exists in Johnson Controls Metasys ADS/ADX/OAS Servers that stems from the fact that under certain circumstances, session tokens are not cleared upon logout...
DEBIAN-CVE-2020-24586
The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received fragments be cleared from memory after reconnecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using...
chromium-browser: Uninitialized Use in V8
The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...
Unspecified Vulnerability in Mattermost Mobile Apps (CNVD-2020-35186)
Mattermost Mobile Apps is a messaging mobile application from Mattermost USA. A security vulnerability exists in Mattermost Mobile Apps prior to version 1.26.0, which can be exploited by an attacker to obtain sensitive information due to the program's failure to clear cookie data after a user log...
UBUNTU-CVE-2019-20637
An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the...
Arris Touchstone Telephony Gateway TG1682G Privileged Access Vulnerability
The Arris Touchstone Telephony Gateway TG1682G is an all-in-one Modem modem router from the Arris Group of Companies. A security vulnerability exists in the Arris Touchstone Telephony Gateway TG1682G version 9.1.103J6, which stems from a logout operation that fails to immediately clear all state ...
Google Android has an unspecified vulnerability (CNVD-2018-10121)
Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA, and Qualcomm FSM9055 and other central processing unit CPU products from Qualcomm for different platforms. A security vulnerability exists in the Qualcomm closed-source component ...
USN-3422-1 linux vulnerabilities
It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the asynchronous I/O aio...
Linux Kernel 'drivers/acpi/acpica/psobject.c' Local Information Disclosure Vulnerability
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local information disclosure vulnerability exists in the 'acpipscompletefinalop' function in the drivers/acpi/acpica/psobject.c file in Linux kernel 4.12.9 and earlier, whic...