| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Automatic Bug Reporting Tool (ABRT) before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums. |
| Katello allows remote authenticated users to call the "system remove_deletion" CLI command via vectors related to "remove system" permissions. |
| The Flippy module 7.x-1.x before 7.x-1.2 for Drupal does not properly restrict access to nodes, which allows remote authenticated users with the permission to access content to read a link or alias to a restricted node. |
| Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks |
| mysecureshell 1.31: Local Information Disclosure Vulnerability |
| MySecureShell 1.31 has a Local Denial of Service Vulnerability |
| In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, the `tagName` property of an `Ember.View` was inserted into such a string without being sanitized. This means that if an application assigns a view's `tagName` to user-supplied data, a specially-crafted payload could execute arbitrary JavaScript in the context of the current domain ("XSS"). This vulnerability only affects applications that assign or bind user-provided content to `tagName`. |
| Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields. |
| The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers to obtain sensitive information. |
| gksu-polkit-0.0.3-6.fc18 was reported as fixing the issue in CVE-2012-5617 but the patch was improperly applied and it did not fixed the security issue. |
| smokeping before 2.6.9 has XSS (incomplete fix for CVE-2012-0790) |
| There is an object injection vulnerability in swfupload plugin for wordpress. |
| kde-workspace before 4.10.5 has a memory leak in plasma desktop |
| Katello has a Denial of Service vulnerability in API OAuth authentication |
| Cryptocat has an Unspecified Chat Participant User List Disclosure |
| An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165. |
| Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors. |
| Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting |
| A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22. |
| Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure |
