| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system |
| nuSOAP before 0.7.3-5 does not properly check the hostname of a cert. |
| libuser has information disclosure when moving user's home directory |
| Python keyring lib before 0.10 created keyring files with world-readable permissions. |
| quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal |
| Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value. |
| The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value. |
| FreeBSD: Input Validation Flaw allows local users to gain elevated privileges |
| openslp: SLPIntersectStringList()' Function has a DoS vulnerability |
| letodms 3.3.6 has CSRF via change password |
| letodms has multiple XSS issues: Reflected XSS in Login Page, Stored XSS in Document Owner/User name, Stored XSS in Calendar |
| mono 2.10.x ASP.NET Web Form Hash collision DoS |
| ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation |
| In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network. |
| pam_shield before 0.9.4: Default configuration does not perform protective action |
| An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable. |
| Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript innerHTML as used when generating login forms, (2) links or (3) resources URLs, and (4) the Display name in a user profile. |
| A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys. |
| lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0. |
| OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space |
