Filtered by vendor Vladtheenterprising Project Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-4996 1 Vladtheenterprising Project 1 Vladtheenterprising 2024-11-21 N/A
lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#{target_host}.
CVE-2014-4995 1 Vladtheenterprising Project 1 Vladtheenterprising 2024-11-21 N/A
Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed.