| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| gksu-polkit-0.0.3-6.fc18 was reported as fixing the issue in CVE-2012-5617 but the patch was improperly applied and it did not fixed the security issue. |
| smokeping before 2.6.9 has XSS (incomplete fix for CVE-2012-0790) |
| There is an object injection vulnerability in swfupload plugin for wordpress. |
| kde-workspace before 4.10.5 has a memory leak in plasma desktop |
| Katello has a Denial of Service vulnerability in API OAuth authentication |
| Cryptocat has an Unspecified Chat Participant User List Disclosure |
| An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165. |
| Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors. |
| Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting |
| A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22. |
| Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure |
| Cryptocat before 2.0.22 has weak encryption in the Socialist Millionnaire Protocol |
| Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input |
| Cryptocat before 2.0.22 strophe.js Math.random() Random Number Generator Weakness |
| Cryptocat before 2.0.22 Link Markup Decorator HTML Handling Weakness |
| Cryptocat before 2.0.22 has Remote Denial of Service via username |
| Varnish HTTP cache before 3.0.4: ACL bug |
| Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket split mechanism. |
| IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176. |
| IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the client. IBM X-Force ID: 86138. |
