Filtered by vendor
Subscriptions
Total
648 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-9550 | 1 Totolink | 16 A850r-v1, A850r-v1 Firmware, F1-v2 and 13 more | 2024-11-21 | 7.5 High |
An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface. | ||||
CVE-2015-10004 | 1 Json Web Token Project | 1 Json Web Token | 2024-11-21 | 7.5 High |
Token validation methods are susceptible to a timing side-channel during HMAC comparison. With a large enough number of requests over a low latency connection, an attacker may use this to determine the expected HMAC. | ||||
CVE-2014-2387 | 3 Debian, Opensuse, Pen Project | 3 Debian Linux, Opensuse, Pen | 2024-11-21 | 4.4 Medium |
Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities | ||||
CVE-2014-0023 | 1 Redhat | 1 Openshift | 2024-11-21 | 7.8 High |
OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution | ||||
CVE-2013-4561 | 1 Redhat | 1 Openshift | 2024-11-21 | 9.1 Critical |
In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity. | ||||
CVE-2013-4480 | 2 Redhat, Suse | 5 Network Satellite, Satellite, Satellite With Embedded Oracle and 2 more | 2024-11-21 | N/A |
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts. | ||||
CVE-2013-4374 | 1 Redhat | 2 Jboss Operations Network, Rhq Mongo Db Drift Server | 2024-11-21 | 7.1 High |
An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files. | ||||
CVE-2013-4280 | 1 Redhat | 3 Enterprise Virtualization, Storage, Virtual Desktop Server Manager | 2024-11-21 | 5.5 Medium |
Insecure temporary file vulnerability in RedHat vsdm 4.9.6. | ||||
CVE-2013-4253 | 1 Redhat | 1 Openshift | 2024-11-21 | 7.5 High |
The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user's authorized_keys file. | ||||
CVE-2013-2183 | 1 Monkey-project | 1 Monkey | 2024-11-21 | 7.1 High |
Monkey HTTP Daemon has local security bypass | ||||
CVE-2013-0163 | 1 Redhat | 1 Openshift | 2024-11-21 | 5.5 Medium |
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS | ||||
CVE-2012-5639 | 3 Apache, Debian, Libreoffice | 3 Openoffice, Debian Linux, Libreoffice | 2024-11-21 | 6.5 Medium |
LibreOffice and OpenOffice automatically open embedded content | ||||
CVE-2012-1846 | 1 Google | 1 Chrome | 2024-11-21 | N/A |
Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a sandboxed process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. NOTE: the primary affected product may be clarified later; it was not identified by the researcher, who reportedly stated "it really doesn't matter if it's third-party code." | ||||
CVE-2011-1960 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2024-11-21 | N/A |
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclosure Vulnerability." | ||||
CVE-2011-1258 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2024-11-21 | N/A |
Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "Drag and Drop Information Disclosure Vulnerability." | ||||
CVE-2009-5042 | 2 Debian, Python-docutils Project | 2 Debian Linux, Python-docutils | 2024-11-21 | 9.1 Critical |
python-docutils allows insecure usage of temporary files | ||||
CVE-2008-7291 | 2 Debian, Gri Project | 2 Debian Linux, Gri | 2024-11-21 | 9.8 Critical |
gri before 2.12.18 generates temporary files in an insecure way. | ||||
CVE-2008-2544 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise. | ||||
CVE-2007-3915 | 1 Mandriva | 1 Mondo | 2024-11-21 | 9.1 Critical |
Mondo 2.24 has insecure handling of temporary files. | ||||
CVE-2005-2351 | 2 Debian, Mutt | 2 Debian Linux, Mutt | 2024-11-21 | 5.5 Medium |
Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files. |