| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections |
| File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config. |
| Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds. |
| Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm. |
| cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp. |
| An Information Disclosure vulnerability exists in the my config file in NEtGEAR WGR614 v7 and v9, which could let a malicious user recover all previously used passwords on the device, for both the control panel and WEP/WPA/WPA2, in plaintext. This is a different issue than CVE-2012-6340. |
| RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process. |
| Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions. |
| Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack." |
| gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function |
| Zend_XmlRpc Class in Magento before 1.7.0.2 contains an information disclosure vulnerability. |
| W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys. |
| W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes. |
| W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files. |
| Falconpl before 0.9.6.9-git20120606 misuses the libcurl API which may allow remote attackers to interfere with security checks. |
| BlackBerry PlayBook before 2.1 has an Information Disclosure Vulnerability via a Web browser component error |
| BabyGekko before 1.2.4 allows PHP file inclusion. |
| opendnssec misuses libcurl API |
| The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses. |
| gnome-system-log polkit policy allows arbitrary files on the system to be read |
