49 matches found

Github Security Blog
added 2018/07/23 7:50 p.m., 26 views

Kcapifony gem for Ruby places database user passwords on the command line

lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database user passwords on the (1) mysqldump, (2) pgdump, (3) mysql, and (4) psql command lines, which allows local users to obtain sensitive information by listing the processes...

CVSS 7.8 | AI score 6.9 | EPSS 0.00532
Exploits 1 | References 6 | Affected Software 1

Github Security Blog
added 2018/01/24 5:10 p.m., 28 views

lynx doesn't properly sanitize user input and exposes database password to unauthorized users

The lynx gem prior to 1.0.0 for Ruby places the configured password on command lines, which allows local users to obtain sensitive information by listing processes. As of version 1.0.0, lynx no longer supports a --password option. Passwords are only configured in a configuration file, so it's no...

CVSS 7.8 | AI score 7 | EPSS 0.00532
Exploits 1 | References 7 | Affected Software 1

Cvelist
added 2018/01/10 6:0 p.m., 13 views

CVE-2014-5002

The lynx gem before 1.0.0 for Ruby places the configured password on command lines, which allows local users to obtain sensitive information by listing processes...

AI score 7.5 | EPSS 0.00532
Exploits 1 | References 4

RedHat Linux
added 2016/03/22 9:2 p.m., 3 views

cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character

It was discovered that foomatic-rip failed to remove all shell special characters from inputs used to construct command lines for external programs run by the filter. An attacker could possibly use this flaw to execute arbitrary commands...

CVSS 7.5 | AI score 7.4 | EPSS 0.05251
Exploits 0 | References 4

securityvulns
added 2013/05/10 12:0 a.m., 37 views

Re: Vulnerabilities in Windows 8 Professional x64 factory preinstallation of Fujitsu Lifebook A512 [continued]

On Sunday, May 05, 2013 10:13 PM I wrote: Hi @ll, Fujitsus http://www.fsc-pc.de/ factory preinstallation as found on a Fujitsu Lifebook A512 purchased a month ago of Windows 8 Professional x64 I'm VERY confident that other variants of Fujitsu's Windows 8 factory installation are just the like has...

AI score 0.5
Exploits 0

UbuntuCve
added 2008/11/21 2:30 a.m., 14 views

CVE-2008-5188

The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local users to obtain sensitive information by listing the process...

CVSS 7.2 | AI score 5.9 | EPSS 0.00386
Exploits 0 | References 1

NVD
added 2008/11/21 2:30 a.m., 25 views

CVE-2008-5188

The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local users to obtain sensitive information by listing the process...

CVSS 7.2 | AI score 5.7 | EPSS 0.00386
Exploits 0 | References 14

NVD
added 2007/08/13 9:17 p.m., 15 views

CVE-2007-4303

Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb...

CVSS 6.2 | AI score 6.9 | EPSS 0.00284
Exploits 0 | References 3

Cvelist
added 2007/02/23 1:0 a.m., 18 views

CVE-2006-7038

Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack 4 allow remote attackers to cause a denial of service (crash) via (1) "long command lines at port 32000" and (2) certain name service queries that are not properly handled by the SMTP service...

AI score 7 | EPSS 0.01875
Exploits 0 | References 5