Filtered by vendor
Subscriptions
Total
158 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-12332 | 1 Ecos | 2 Secure Boot Stick, Secure Boot Stick Firmware | 2024-11-21 | N/A |
Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset. | ||||
CVE-2018-11068 | 1 Dell | 1 Bsafe Ssl-j | 2024-11-21 | 4.6 Medium |
RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material. | ||||
CVE-2017-17090 | 1 Digium | 2 Asterisk, Certified Asterisk | 2024-11-21 | N/A |
An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. If the chan_skinny (aka SCCP protocol) channel driver is flooded with certain requests, it can cause the asterisk process to use excessive amounts of virtual memory, eventually causing asterisk to stop processing requests of any kind. | ||||
CVE-2017-0303 | 1 F5 | 8 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Application Acceleration Manager and 5 more | 2024-11-21 | N/A |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections. | ||||
CVE-2012-5663 | 1 Openbsd | 1 Textproc\/isearch | 2024-11-21 | 7.5 High |
The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp). | ||||
CVE-2005-2293 | 1 Oracle | 1 Forms Builder | 2024-11-21 | 5.5 Medium |
Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is not deleted after it is used, which allows local users to obtain sensitive information. | ||||
CVE-2005-1744 | 1 Bea | 1 Weblogic Server | 2024-11-21 | 9.8 Critical |
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without having to log in again, which may be in violation of newly changed security constraints or role mappings. | ||||
CVE-2002-2070 | 1 Accessdata | 1 Secureclean | 2024-11-21 | 7.5 High |
SecureClean 3 build 2.0 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | ||||
CVE-2002-2069 | 1 Pgp | 1 Personal Privacy | 2024-11-21 | 7.5 High |
PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | ||||
CVE-2002-2068 | 1 Tolvanen | 1 Eraser | 2024-11-21 | 7.5 High |
Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | ||||
CVE-2002-2067 | 1 East-tec | 1 Eraser | 2024-11-21 | 7.5 High |
East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | ||||
CVE-2002-2066 | 1 Jetico | 1 Bcwipe | 2024-11-21 | 7.5 High |
BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | ||||
CVE-2002-0788 | 1 Pgp | 3 Corporate Desktop, Freeware, Personal Security | 2024-11-21 | 5.5 Medium |
An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information. | ||||
CVE-2000-0552 | 1 Icq | 1 Icq | 2024-11-21 | 5.5 Medium |
ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information. | ||||
CVE-2024-28265 | 1 Ibos | 1 Ibos | 2024-11-06 | 9.1 Critical |
IBOS v4.5.5 has an arbitrary file deletion vulnerability via \system\modules\dashboard\controllers\LoginController.php. | ||||
CVE-2023-20518 | 2024-11-05 | 1.9 Low | ||
Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality. | ||||
CVE-2023-31356 | 1 Redhat | 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more | 2024-10-30 | 4.4 Medium |
Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity. | ||||
CVE-2024-45445 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-06 | 4 Medium |
Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability. |