| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation |
| gnome-system-log polkit policy allows arbitrary files on the system to be read |
| The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value. |
| xlockmore before 5.43 'dclock' security bypass vulnerability |
| mom creates world-writable pid files in /var/run |
| Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) Debug, (2) Feed\PubSubHubbub, (3) Log\Formatter\Xml, (4) Tag\Cloud\Decorator, (5) Uri, (6) View\Helper\HeadStyle, (7) View\Helper\Navigation\Sitemap, or (8) View\Helper\Placeholder\Container\AbstractStandalone, related to Escaper. |
| openslp: SLPIntersectStringList()' Function has a DoS vulnerability |
| A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys. |
| A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file. |
| Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough |
| Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs. |
| Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. |
| Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results |
| Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php |
| Moodle before 2.2.2: Overview report allows users to see hidden courses |
| Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export |
| Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default |
| Moodle before 2.2.2 has users' private files included in course backups |
| Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to |
| A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php. |
