CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-5711

Malicious code in bioql PyPI...

5.5CVSS5.6AI score0.00059EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-3122

Malicious code in bioql PyPI...

7CVSS6.9AI score0.00054EPSS

Exploits0References6

Github Security Blog•added 2022/05/14 3:48 a.m.•16 views

VladTheEnterprising allows local users to write to arbitrary files via a symlink attack

lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.targethost...

5.5CVSS5.5AI score0.00059EPSS

Exploits0References7Affected Software1

OSV•added 2022/05/14 3:48 a.m.•17 views

GHSA-86CF-G34F-7462 VladTheEnterprising allows local users to obtain sensitive information by reading MySQL root password from temporary file

Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed...

7CVSS6.5AI score0.00054EPSS

Exploits0References6

Github Security Blog•added 2022/05/14 3:48 a.m.•20 views

VladTheEnterprising allows local users to obtain sensitive information by reading MySQL root password from temporary file

7CVSS6.1AI score0.00054EPSS

Exploits0References7Affected Software1

OSV•added 2022/05/14 3:48 a.m.•11 views

GHSA-X4VJ-279X-QWF2 VladTheEnterprising allows local users to write to arbitrary files via a symlink attack

lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.targethost...

5.5CVSS5.3AI score0.00059EPSS

Exploits0References6

Prion•added 2018/01/10 6:29 p.m.•11 views

Race condition

1.9CVSS6.4AI score0.00054EPSS

Exploits0References5Affected Software1

NVD•added 2018/01/10 6:29 p.m.•11 views

CVE-2014-4995

7CVSS6.6AI score0.00054EPSS

Exploits0References5

NVD•added 2018/01/10 6:29 p.m.•6 views

CVE-2014-4996

lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.targethost...

5.5CVSS5.4AI score0.00059EPSS

Exploits0References5

Cvelist•added 2018/01/10 6:0 p.m.•14 views

CVE-2014-4996

lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.targethost...

5.4AI score0.00059EPSS

Exploits0References5

CVE•added 2018/01/10 6:0 p.m.•45 views

CVE-2014-4995

Vulnerability CVE-2014-4995 affects the VladTheEnterprising Ruby gem (version ~0.2); a race condition in lib/vlad/dba/mysql.rb allows local users to obtain the MySQL root password from a temporary file before it is removed. Related advisories describe insecure temporary file handling and potentia...

7CVSS6.5AI score0.00054EPSS

Exploits0References5Affected Software1

Cvelist•added 2018/01/10 6:0 p.m.•12 views

CVE-2014-4995

6.6AI score0.00054EPSS

Exploits0References5

GitLab Advisory Database•added 2018/01/10 12:0 a.m.•17 views

Improper Link Resolution Before File Access ('Link Following')

lib/vlad/dba/mysql.rb in the VladTheEnterprising gem for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.targethost...

5.5CVSS5.5AI score0.00059EPSS

Exploits0References6Affected Software1

GitLab Advisory Database•added 2018/01/10 12:0 a.m.•20 views

Command injection vulnerability

VladTheEnterprising Gem for Ruby contains a flaw as the program creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against the /tmp/my.cnf.targethost file they can overwrite arbitrary files, gain access to the MySQL root password, or inject arbitrary...

7CVSS6.6AI score0.00054EPSS

Exploits0References1Affected Software1