| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| OpenStack nova base images permissions are world readable |
| An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords. |
| An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data. |
| tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes. |
| Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack." |
| gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function |
| cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system |
| nuSOAP before 0.7.3-5 does not properly check the hostname of a cert. |
| libuser has information disclosure when moving user's home directory |
| Python keyring lib before 0.10 created keyring files with world-readable permissions. |
| quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal |
| Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value. |
| The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value. |
| FreeBSD: Input Validation Flaw allows local users to gain elevated privileges |
| openslp: SLPIntersectStringList()' Function has a DoS vulnerability |
| letodms 3.3.6 has CSRF via change password |
| letodms has multiple XSS issues: Reflected XSS in Login Page, Stored XSS in Document Owner/User name, Stored XSS in Calendar |
| mono 2.10.x ASP.NET Web Form Hash collision DoS |
| ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation |
| In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network. |
