77 matches found
EUVD-2026-12694
Next.js: Unbounded next/image disk cache growth can exhaust storage...
CVE-2018-19165
neblio through 1.5.1 a chain-based proof-of-stake cryptocurrency allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk...
CVE-2022-45417
Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private...
CVE-2019-10099
Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk controlled by spark.maxRemoteBlockSizeFetchToMem; in SparkR, using parallelize; in Pyspark, using...
CVE-2024-9040
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation leads to cleartext storage in a file or on disk. An attack has to be approached locally...
CVE-2024-9040 code-projects Blood Bank Management System Password cleartext storage in a file or on disk
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation leads to cleartext storage in a file or on disk. An attack has to be approached locally...
Code-Projects Blood Bank Management System 安全漏洞
Code-Projects Blood Bank Management System is an open source blood bank management system from Code-Projects. A security vulnerability exists in Code-Projects Blood Bank Management System version 1.0, which stems from a problem in an unknown part of the password processor component that causes...
Missing Encryption Of Sensitive Data
Elasticsearch is vulnerable to Missing Encryption of Sensitive Data. The vulnerability is due to the elasticsearch-certutil CLI tool storing generated private keys unencrypted on disk when creating Certificate Signing Requests, even if the --pass parameter is used...
IBM DS8900F HMC Log Message Disclosure Vulnerability
The IBM DS8900F HMC is an enterprise-class disk storage system from International Business Machines IBM for storing and managing large-scale enterprise data. The IBM DS8900F HMC suffers from a log information disclosure vulnerability that can be exploited by an attacker to view sensitive log...
IBM DS8900F HMC Information Disclosure Vulnerability
The IBM DS8900F HMC is an enterprise-class disk storage system from International Business Machines IBM for storing and managing large-scale enterprise data. An information disclosure vulnerability exists in the IBM DS8900F HMC, which can be exploited by an attacker to read arbitrary files after...
IBM DS8900F HMC 信息泄露漏洞
The IBM DS8900F HMC is an enterprise-class disk storage system from International Business Machines IBM for storing and managing large-scale enterprise data. An information disclosure vulnerability exists in the IBM DS8900F HMC, which can be exploited by an attacker to read arbitrary files after...
Denial of Service (DoS)
Overview aaptjs is an A node wraper for aapt Affected versions of this package are vulnerable to Denial of Service DoS via the add function which can be used to iteratively create new zip files from previous ones, eventually filling up the file system storage space. PoC js const pkg =...
DEBIAN-CVE-2023-4580
Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...
CVE-2023-4580 Push notifications saved to disk unencrypted
Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...
CVE-2023-4580
Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...
Mozilla: Push notifications saved to disk unencrypted
The Mozilla Foundation Security Advisory describes this flaw as: Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information...
Mozilla: Push notifications saved to disk unencrypted
The Mozilla Foundation Security Advisory describes this flaw as: Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information...
Mozilla: Push notifications saved to disk unencrypted
The Mozilla Foundation Security Advisory describes this flaw as: Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information...
Mozilla: Push notifications saved to disk unencrypted
The Mozilla Foundation Security Advisory describes this flaw as: Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information...
Mozilla: Push notifications saved to disk unencrypted
The Mozilla Foundation Security Advisory describes this flaw as: Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information...