4 matches found
GHSA-W9VV-FVW8-J6Q3 codders-dataset Process Table Local Plaintext Credential Disclosure
lib/dataset/database/mysql.rb and lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby both place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...
WIN-911 7.17.00 - Multiple Vulnerabilities
WIN-911 7.17.00 - Multiple Vulnerabilities Title: WIN-911 - Insecure File Permissions EoP CWE Class: CWE-276: Incorrect Default Permissions Date: 05/09/2016 Vendor: Win911 Product: WIN-911 Type: Alarm Notification Software Version: V7.17.00 Download URL: through Rockwell Automation downloads:...
point-cli Gem for Ruby /lib/commands/setup.rb Process Table Local Plaintext Credential Disclosure
point-cli Gem for Ruby contains a flaw in /lib/commands/setup.rb that is due to the application exposing credential information in plaintext in the process table. This may allow a local attacker to gain access to credential information...
cap-strap Gem for Ruby Process Table Local Plaintext Credential Disclosure
cap-strap Gem for Ruby contains a flaw that is due to the application exposing credential information in plaintext in the process table listing. This may allow a local attacker to gain access to credential information...