Lucene search
K

153 matches found

Positive Technologies
Positive Technologies
added 2023/12/18 12:0 a.m.9 views

PT-2023-28197 · Gallagher · Gallagher Controller 6000

Name of the Vulnerable Software and Affected Versions: Gallagher Controller 6000 versions 8.60 or earlier Gallagher Controller 6000 versions 8.70 prior to vCR8.70.231204a Description: Sensitive information is not properly cleared after a debug or power state transition in the Controller 6000. Thi...

4.6CVSS4.5AI score0.00311EPSS
Exploits0References6
curl security advisories
curl security advisories
added 2023/12/06 8:0 a.m.8 views

HSTS long filename clears contents

When saving HSTS data to an excessively long filename, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use...

5.3CVSS6.5AI score0.01133EPSS
Exploits1References1Affected Software2
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.3 views

kernel: rtc: pl031: fix rtc features null pointer dereference

A flaw was found in the rtc-pl031 module in the Linux kernel. The alarm feature bit was cleaned before device initialization, which caused a NULL pointer dereference when there was no interrupt line. This resulted in a system crash and a denial of service...

5.5CVSS6.5AI score0.00245EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/08/30 12:0 a.m.5 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox, which originates from the possibility that the browsing environment may not be cleared when closing a private window under certain circumstances...

7.5CVSS7.5AI score0.00565EPSS
Exploits0References13
Prion
Prion
added 2023/08/08 1:15 a.m.29 views

Design/Logic Flaw

In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular program, under certain specific conditions memory might not be cleared up properly, due to which attacker might be able to get access to user credentials. For a successful attack, the attacker needs to...

1CVSS4.6AI score0.00107EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.5 views

PT-2023-4259 · Sap · Sap Businessobjects Business Intelligence

Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence version 420 Description: The issue is related to insufficient protection of internal data in SAP BusinessObjects Business Intelligence. Under specific conditions, when a user logs in to a particular...

4.4CVSS7AI score0.00107EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/06/17 12:0 a.m.1 views

PT-2023-8971

Name of the Vulnerable Software and Affected Versions shadow-utils affected versions not specified Description A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the...

5.5CVSS6.8AI score0.00428EPSS
Exploits1References82
Amazon
Amazon
added 2023/06/07 12:0 a.m.6 views

Important: samba

Issue Overview: An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. CVE-2018-14628 A user with sufficient...

7.7CVSS6.6AI score0.01168EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2023/04/21 12:0 a.m.7 views

PT-2023-22093 · Unknown · @Fastify/Csrf-Protection +1

Name of the Vulnerable Software and Affected Versions: @fastify/passport versions prior to the version that includes the configuration options clearSessionOnLogin and clearSessionIgnoreFields Description: The CSRF protection enforced by the @fastify/csrf-protection library, when combined with...

6.5CVSS6.5AI score0.00384EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.5 views

SUSE CVE-2005-2876

umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r remount option, which causes the file system to be remounted with just the read-only flag, which effectively clears the...

7.2CVSS7.1AI score0.00426EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.2 views

SUSE CVE-2005-3180

The Orinoco driver orinoco.c in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information...

5CVSS6.7AI score0.03542EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.3 views

SUSE CVE-2011-0011

qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions...

4.3CVSS7AI score0.01305EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.3 views

SUSE CVE-2011-1162

The tpmread function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command...

2.1CVSS6.3AI score0.00364EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.3 views

SUSE CVE-2018-6053

Inappropriate implementation in New Tab Page in Google Chrome prior to 64.0.3282.119 allowed a local attacker to view website thumbnail images after clearing browser data via a crafted HTML page...

3.3CVSS7.9AI score0.00755EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.2 views

SUSE CVE-2019-20637

An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the...

7.5CVSS7.5AI score0.01746EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:54 a.m.3 views

SUSE CVE-2020-24586

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received fragments be cleared from memory after reconnecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using...

4.7CVSS7.7AI score0.05765EPSS
Exploits2References32
OSV
OSV
added 2022/11/14 9:15 p.m.5 views

CVE-2022-28764

The Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting...

3.3CVSS5.8AI score0.00268EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/11/14 12:0 a.m.5 views

Zoom Client 信息泄露漏洞

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. An information disclosure vulnerability exists in Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows versions prior to 5.12.6, which stems from failing to clear data from a loc...

3.3CVSS5AI score0.00268EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/04/14 12:0 a.m.4 views

Johnson Controls Metasys ADS/ADX/OAS Servers 安全漏洞

Johnson Controls Metasys ADS/ADX/OAS Servers are an application and data server from Johnson Controls, Inc. A security vulnerability exists in Johnson Controls Metasys ADS/ADX/OAS Servers that stems from the fact that under certain circumstances, session tokens are not cleared upon logout...

9.8CVSS8.3AI score0.00997EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2022/02/04 11:15 p.m.7 views

CVE-2022-0227

DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...

5.4AI score
Exploits0References3
Rows per page
Query Builder