| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
851 |
CVE-2022-20097 |
362 |
|
|
2022-05-03 |
2022-05-11 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
In aee daemon, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Issue ID: ALPS06383944. |
|
852 |
CVE-2022-20195 |
502 |
|
DoS |
2022-06-15 |
2022-06-24 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
In the keystore library, there is a possible prevention of access to system Settings due to unsafe deserialization. This could lead to local denial of service with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-213172664 |
|
853 |
CVE-2022-20196 |
|
|
Bypass |
2022-06-15 |
2022-06-24 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
In gallery3d and photos, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-201535148 |
|
854 |
CVE-2022-21416 |
|
|
|
2022-04-19 |
2022-04-27 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Solaris accessible data. CVSS 3.1 Base Score 5.0 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N). |
|
855 |
CVE-2022-21493 |
|
|
|
2022-04-19 |
2022-04-28 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H). |
|
856 |
CVE-2022-21975 |
362 |
|
DoS |
2022-03-09 |
2022-05-23 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Windows Hyper-V Denial of Service Vulnerability. |
|
857 |
CVE-2022-22325 |
200 |
|
+Info |
2022-05-13 |
2022-05-23 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
IBM MQ (IBM MQ for HPE NonStop 8.1.0) can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace. IBM X-Force ID: 218853. |
|
858 |
CVE-2022-22713 |
400 |
|
DoS |
2022-05-10 |
2022-05-23 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Windows Hyper-V Denial of Service Vulnerability. |
|
859 |
CVE-2022-23242 |
404 |
|
Exec Code |
2022-03-23 |
2022-03-29 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the connection password in case of a process crash. Knowledge of the crash event and the TeamViewer ID as well as either possession of the pre-crash connection password or local authenticated access to the machine would have allowed to establish a remote connection by reusing the not properly deleted connection password. |
|
860 |
CVE-2022-23651 |
367 |
|
|
2022-02-23 |
2022-03-07 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
b2-sdk-python is a python library to access cloud storage provided by backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use (TOCTOU) race condition. SDK users of the SqliteAccountInfo format are vulnerable while users of the InMemoryAccountInfo format are safe. The SqliteAccountInfo saves API keys (and bucket name-to-id mapping) in a local database file ($XDG_CONFIG_HOME/b2/account_info, ~/.b2_account_info or a user-defined path). When first created, the file is world readable and is (typically a few milliseconds) later altered to be private to the user. If the directory containing the file is readable by a local attacker then during the brief period between file creation and permission modification, a local attacker can race to open the file and maintain a handle to it. This allows the local attacker to read the contents after the file after the sensitive information has been saved to it. Consumers of this SDK who rely on it to save data using SqliteAccountInfo class should upgrade to the latest version of the SDK. Those who believe a local user might have opened a handle using this race condition, should remove the affected database files and regenerate all application keys. Users should upgrade to b2-sdk-python 1.14.1 or later. |
|
861 |
CVE-2022-23653 |
367 |
|
|
2022-02-23 |
2022-03-07 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
B2 Command Line Tool is the official command line tool for the backblaze cloud storage service. Linux and Mac releases of the B2 command-line tool version 3.2.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use (TOCTOU) race condition. The command line tool saves API keys (and bucket name-to-id mapping) in a local database file (`$XDG_CONFIG_HOME/b2/account_info`, `~/.b2_account_info` or a user-defined path) when `b2 authorize-account` is first run. This happens regardless of whether a valid key is provided or not. When first created, the file is world readable and is (typically a few milliseconds) later altered to be private to the user. If the directory is readable by a local attacker and the user did not yet run `b2 authorize-account` then during the brief period between file creation and permission modification, a local attacker can race to open the file and maintain a handle to it. This allows the local attacker to read the contents after the file after the sensitive information has been saved to it. Users that have not yet run `b2 authorize-account` should upgrade to B2 Command-Line Tool v3.2.1 before running it. Users that have run `b2 authorize-account` are safe if at the time of the file creation no other local users had read access to the local configuration file. Users that have run `b2 authorize-account` where the designated path could be opened by another local user should upgrade to B2 Command-Line Tool v3.2.1 and remove the database and regenerate all application keys. Note that `b2 clear-account` does not remove the database file and it should not be used to ensure that all open handles to the file are invalidated. If B2 Command-Line Tool cannot be upgraded to v3.2.1 due to a dependency conflict, a binary release can be used instead. Alternatively a new version could be installed within a virtualenv, or the permissions can be changed to prevent local users from opening the database file. |
|
862 |
CVE-2022-23960 |
|
|
+Info |
2022-03-13 |
2022-07-04 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. |
|
863 |
CVE-2022-24448 |
909 |
|
|
2022-02-04 |
2022-05-12 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. |
|
864 |
CVE-2022-24511 |
|
|
|
2022-03-09 |
2022-03-16 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Microsoft Office Word Tampering Vulnerability. |
|
865 |
CVE-2022-24725 |
200 |
|
Dir. Trav. +Info |
2022-03-03 |
2022-03-17 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Shescape is a shell escape package for JavaScript. An issue in versions 1.4.0 to 1.5.1 allows for exposure of the home directory on Unix systems when using Bash with the `escape` or `escapeAll` functions from the _shescape_ API with the `interpolation` option set to `true`. Other tested shells, Dash and Zsh, are not affected. Depending on how the output of _shescape_ is used, directory traversal may be possible in the application using _shescape_. The issue was patched in version 1.5.1. As a workaround, manually escape all instances of the tilde character (`~`) using `arg.replace(/~/g, "\\~")`. |
|
866 |
CVE-2022-24823 |
668 |
|
|
2022-05-06 |
2022-06-16 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user. |
|
867 |
CVE-2022-25368 |
|
|
|
2022-03-10 |
2022-03-16 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected. |
|
868 |
CVE-2022-25831 |
287 |
|
|
2022-04-11 |
2022-04-18 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to access secured data in certain conditions. |
|
869 |
CVE-2022-26355 |
668 |
|
|
2022-03-10 |
2022-03-18 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Citrix Federated Authentication Service (FAS) 7.17 - 10.6 causes deployments that have been configured to store a registration authority certificate's private key in a Trusted Platform Module (TPM) to incorrectly store that key in the Microsoft Software Key Storage Provider (MSKSP). This issue only occurs if PowerShell was used when configuring FAS to store the registration authority certificate’s private key in the TPM. It does not occur if the TPM was not selected for use or if the FAS administration console was used for configuration. |
|
870 |
CVE-2022-26765 |
362 |
|
Bypass |
2022-05-26 |
2022-06-08 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. |
|
871 |
CVE-2022-27049 |
|
|
|
2022-03-31 |
2022-04-08 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Raidrive before v2021.12.35 allows attackers to arbitrarily move log files by pre-creating a mountpoint and log files before Raidrive is installed. |
|
872 |
CVE-2022-27841 |
755 |
|
|
2022-04-11 |
2022-04-19 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to view the screen that is previously running without authentication |
|
873 |
CVE-2022-28161 |
532 |
|
|
2022-05-09 |
2022-05-17 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
An information exposure through log file vulnerability in Brocade SANNav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as ssh passwords in filetansfer.log in debug mode. To exploit this vulnerability, the attacker would need to have valid user credentials and turn on debug mode. |
|
874 |
CVE-2022-28192 |
416 |
|
DoS |
2022-05-17 |
2022-05-26 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free, which in turn may cause denial of service. This attack is complex to carry out because the attacker needs to have control over freeing some host side resources out of sequence, which requires elevated privileges. |
|
875 |
CVE-2022-28774 |
532 |
|
|
2022-05-11 |
2022-06-21 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be restricted. |
|
876 |
CVE-2022-29127 |
|
|
Bypass |
2022-05-10 |
2022-05-23 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
BitLocker Security Feature Bypass Vulnerability. |
|
877 |
CVE-2022-29973 |
770 |
|
+Info |
2022-05-02 |
2022-05-11 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
relan exFAT 1.3.0 allows local users to obtain sensitive information (data from deleted files in the filesystem) in certain situations involving offsets beyond ValidDataLength. |
|
878 |
CVE-2022-31758 |
362 |
|
|
2022-06-13 |
2022-06-21 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. |
|
879 |
CVE-2007-2999 |
|
|
|
2007-06-04 |
2012-11-06 |
1.8 |
None |
Local Network |
High |
Not required |
Partial |
None |
None |
|
Microsoft Windows Server 2003, when time restrictions are in effect for user accounts, generates different error messages for failed login attempts with a valid user name than for those with an invalid user name, which allows context-dependent attackers to determine valid Active Directory account names. |
|
880 |
CVE-2011-3561 |
|
|
|
2011-10-19 |
2022-05-13 |
1.8 |
None |
Local Network |
High |
Not required |
Partial |
None |
None |
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JavaFX 2.0 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. |
|
881 |
CVE-2012-2419 |
399 |
|
DoS |
2012-04-25 |
2021-07-23 |
1.8 |
None |
Local Network |
High |
Not required |
None |
None |
Partial |
|
Memory leak in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote attackers to cause a denial of service (memory consumption) via a URI with multiple references to the same name-value pair. |
|
882 |
CVE-2012-2420 |
200 |
|
Overflow +Info |
2012-04-25 |
2021-07-23 |
1.8 |
None |
Local Network |
High |
Not required |
Partial |
None |
None |
|
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, might allow remote attackers to obtain sensitive information via a URI with a % (percent) character as its (1) last or (2) second-to-last character, in situations where a certain "post-URL data" buffer contains a 0x0000 character but a buffer overflow does not occur. |
|
883 |
CVE-2012-2421 |
22 |
|
Dir. Trav. |
2012-04-25 |
2021-07-23 |
1.8 |
None |
Local Network |
High |
Not required |
Partial |
None |
None |
|
Absolute path traversal vulnerability in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, might allow remote attackers to read arbitrary files in ZIP archives via a full pathname in the URI. |
|
884 |
CVE-2012-2423 |
200 |
|
+Info |
2012-04-25 |
2021-07-23 |
1.8 |
None |
Local Network |
High |
Not required |
Partial |
None |
None |
|
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, provide different responses to remote requests depending on whether a ZIP pathname is valid, which allows remote attackers to obtain potentially sensitive information about the installation path and product version via a series of requests involving the Msxml2.XMLHTTP object. |
|
885 |
CVE-2012-2424 |
|
|
DoS |
2012-04-25 |
2021-07-23 |
1.8 |
None |
Local Network |
High |
Not required |
None |
None |
Partial |
|
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a URI that lacks a required delimiter. |
|
886 |
CVE-2012-2425 |
20 |
1
|
DoS |
2012-04-25 |
2021-07-23 |
1.8 |
None |
Local Network |
High |
Not required |
None |
None |
Partial |
|
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote attackers to cause a denial of service (application crash) via a long URI. |
|
887 |
CVE-2013-0179 |
119 |
|
DoS Overflow |
2014-01-13 |
2018-03-25 |
1.8 |
None |
Local Network |
High |
Not required |
None |
None |
Partial |
|
The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr. |
|
888 |
CVE-2013-7290 |
119 |
|
DoS Overflow |
2014-01-13 |
2018-03-25 |
1.8 |
None |
Local Network |
High |
Not required |
None |
None |
Partial |
|
The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr, a different vulnerability than CVE-2013-0179. |
|
889 |
CVE-2013-7291 |
119 |
|
DoS Overflow |
2014-01-13 |
2018-03-25 |
1.8 |
None |
Local Network |
High |
Not required |
None |
None |
Partial |
|
memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source tree," a different vulnerability than CVE-2013-0179 and CVE-2013-7290. |
|
890 |
CVE-2014-4812 |
200 |
|
+Info |
2014-10-26 |
2017-08-29 |
1.8 |
None |
Local Network |
High |
Not required |
Partial |
None |
None |
|
The installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 has an open network port for a debug service, which allows remote attackers to obtain sensitive information by connecting to this port. |
|
891 |
CVE-2015-0875 |
200 |
|
+Info |
2015-02-15 |
2015-02-20 |
1.8 |
None |
Local Network |
High |
Not required |
Partial |
None |
None |
|
The Ogaki Kyoritsu Bank Smartphone Passbook application 1.0.0 for Android creates a log file containing input data from the user, which allows attackers to obtain sensitive information by reading a file. |
|
892 |
CVE-2015-1798 |
17 |
|
|
2015-04-08 |
2018-01-05 |
1.8 |
None |
Local Network |
High |
Not required |
None |
Partial |
None |
|
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC. |
|
893 |
CVE-2016-0453 |
|
|
|
2016-01-21 |
2016-06-08 |
1.8 |
None |
Local Network |
High |
Not required |
Partial |
None |
None |
|
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote attackers to affect integrity via unknown vectors related to Embedded Server. |
|
894 |
CVE-2016-3428 |
|
|
|
2016-04-21 |
2017-09-03 |
1.8 |
None |
Local Network |
High |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect availability via vectors related to Engineering Communication Interface. |
|
895 |
CVE-2020-4791 |
200 |
|
+Info |
2021-02-09 |
2021-07-21 |
1.8 |
None |
Local Network |
High |
Not required |
Partial |
None |
None |
|
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to obtain sensitive information using main in the middle attacks due to improper certificate validation. IBM X-Force ID: 189379. |
|
896 |
CVE-2020-24587 |
326 |
|
|
2021-05-11 |
2021-10-28 |
1.8 |
None |
Local Network |
High |
Not required |
Partial |
None |
None |
|
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed. |
|
897 |
CVE-2002-0415 |
|
|
Dir. Trav. |
2002-08-12 |
2008-09-05 |
1.7 |
None |
Local |
Low |
??? |
Partial |
None |
None |
|
Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275. |
|
898 |
CVE-2003-0986 |
|
|
DoS |
2003-12-31 |
2017-10-11 |
1.7 |
None |
Local |
Low |
??? |
None |
None |
Partial |
|
Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service. |
|
899 |
CVE-2004-2657 |
|
|
|
2004-12-31 |
2018-10-19 |
1.7 |
None |
Local |
Low |
??? |
Partial |
None |
None |
|
** DISPUTED ** Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a new installation of Firefox, as reported for the list of Passwords Never Saved web sites. NOTE: The vendor has disputed this issue, stating that "The uninstaller is primarily there to uninstall the application. It is not there to uninstall user data. For the moment I will stick by my module-owner decision." |
|
900 |
CVE-2005-1976 |
|
|
DoS Exec Code |
2005-12-31 |
2008-09-05 |
1.7 |
None |
Local |
Low |
??? |
None |
None |
Partial |
|
Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files. |
