Filtered by CWE-459
Filtered by vendor Subscriptions
Total 158 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-12332 1 Ecos 2 Secure Boot Stick, Secure Boot Stick Firmware 2024-11-21 N/A
Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset.
CVE-2018-11068 1 Dell 1 Bsafe Ssl-j 2024-11-21 4.6 Medium
RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material.
CVE-2017-17090 1 Digium 2 Asterisk, Certified Asterisk 2024-11-21 N/A
An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. If the chan_skinny (aka SCCP protocol) channel driver is flooded with certain requests, it can cause the asterisk process to use excessive amounts of virtual memory, eventually causing asterisk to stop processing requests of any kind.
CVE-2017-0303 1 F5 8 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Application Acceleration Manager and 5 more 2024-11-21 N/A
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections.
CVE-2012-5663 1 Openbsd 1 Textproc\/isearch 2024-11-21 7.5 High
The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp).
CVE-2005-2293 1 Oracle 1 Forms Builder 2024-11-21 5.5 Medium
Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is not deleted after it is used, which allows local users to obtain sensitive information.
CVE-2005-1744 1 Bea 1 Weblogic Server 2024-11-21 9.8 Critical
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without having to log in again, which may be in violation of newly changed security constraints or role mappings.
CVE-2002-2070 1 Accessdata 1 Secureclean 2024-11-21 7.5 High
SecureClean 3 build 2.0 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
CVE-2002-2069 1 Pgp 1 Personal Privacy 2024-11-21 7.5 High
PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
CVE-2002-2068 1 Tolvanen 1 Eraser 2024-11-21 7.5 High
Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
CVE-2002-2067 1 East-tec 1 Eraser 2024-11-21 7.5 High
East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
CVE-2002-2066 1 Jetico 1 Bcwipe 2024-11-21 7.5 High
BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
CVE-2002-0788 1 Pgp 3 Corporate Desktop, Freeware, Personal Security 2024-11-21 5.5 Medium
An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information.
CVE-2000-0552 1 Icq 1 Icq 2024-11-21 5.5 Medium
ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information.
CVE-2024-28265 1 Ibos 1 Ibos 2024-11-06 9.1 Critical
IBOS v4.5.5 has an arbitrary file deletion vulnerability via \system\modules\dashboard\controllers\LoginController.php.
CVE-2023-20518 2024-11-05 1.9 Low
Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.
CVE-2023-31356 1 Redhat 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more 2024-10-30 4.4 Medium
Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity.
CVE-2024-45445 1 Huawei 2 Emui, Harmonyos 2024-09-06 4 Medium
Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability.