Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:27 a.m.7 views

CVE-2008-7320

GNOME Seahorse through 3.30 allows physically proximate attackers to read plaintext passwords by using the quickAllow dialog at an unattended workstation, if the keyring is unlocked. NOTE: this is disputed by a software maintainer because the behavior represents a design decision...

6.8CVSS6.6AI score0.00447EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2011-4595

Malware in sbrugna...

7.5CVSS6.4AI score0.01383EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.6 views

SUSE CVE-2013-4958

Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation...

6.9CVSS6.9AI score0.00382EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/11/18 7:0 p.m.35 views

CVE-2008-7320

GNOME Seahorse through 3.30 allows physically proximate attackers to read plaintext passwords by using the quickAllow dialog at an unattended workstation, if the keyring is unlocked. NOTE: this is disputed by a software maintainer because the behavior represents a design decision...

6.8AI score0.00447EPSS
Exploits0References4
OSV
OSV
added 2017/05/10 2:29 p.m.4 views

UBUNTU-CVE-2017-8879

Dolibarr ERP/CRM 4.0.4 allows password changes without supplying the current password, which makes it easier for physically proximate attackers to obtain access via an unattended workstation...

6.8CVSS6.8AI score0.00439EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2017/05/10 12:0 a.m.11 views

PT-2017-18601 · Dolibarr · Dolibarr Erp/Crm

Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM version 4.0.4 Description: The issue allows password changes without requiring the current password, making it easier for attackers with physical access to obtain access via an unattended workstation. Recommendations: For...

6.8CVSS6.6AI score0.00439EPSS
Exploits1References8
OSV
OSV
added 2016/07/28 2:2 a.m.5 views

CVE-2016-4531

Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation...

7.3CVSS5.8AI score0.08222EPSS
Exploits0References2
NVD
NVD
added 2015/06/09 12:59 a.m.19 views

CVE-2015-4418

Zoho NetFlow Analyzer build 10250 and earlier does not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation...

5CVSS6.8AI score0.02854EPSS
Exploits0References3
Prion
Prion
added 2015/06/09 12:59 a.m.18 views

Design/Logic Flaw

Zoho NetFlow Analyzer build 10250 and earlier does not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation...

5CVSS7.3AI score0.02854EPSS
Exploits0References3
NVD
NVD
added 2014/02/14 1:10 p.m.17 views

CVE-2013-6742

The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 do not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation...

7.5CVSS6.5AI score0.01309EPSS
Exploits0References2
NVD
NVD
added 2013/09/25 10:31 a.m.21 views

CVE-2013-4025

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x do not have an off autocomplete attribute for the login-password field, which makes it easier for remote attackers to obtain...

1.9CVSS6.4AI score0.00479EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2012/08/07 8:55 p.m.31 views

CVE-2012-3452

gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when multiple screens are used, only locks the screen with the active focus, which allows physically proximate attackers to bypass screen locking and access an unattended workstation...

3.3CVSS5.9AI score0.00338EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2011/08/09 7:55 p.m.4 views

CVE-2011-2978

Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail address aka oldemail field for e-mail change notifications, which makes it easier for remote...

5CVSS5.8AI score0.01713EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2010/02/11 9:30 p.m.37 views

CVE-2009-4642

gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended...

7.2CVSS5.9AI score0.0034EPSS
Exploits0References1
OSV
OSV
added 2010/02/11 9:30 p.m.3 views

DEBIAN-CVE-2009-4642

gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended...

7.2CVSS6.9AI score0.0034EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2010/02/11 12:0 a.m.24 views

CVE-2009-4641

gnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended...

7.2CVSS5.9AI score0.00369EPSS
Exploits0References2
Rows per page
Query Builder