Vulnerabilities > Incomplete Cleanup
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-03 | CVE-2020-12624 | Incomplete Cleanup vulnerability in Theleague the League The League application before 2020-05-02 on Android sends a bearer token in an HTTP Authorization header to an arbitrary web site that hosts an external image because an OkHttp object is reused, which allows remote attackers to hijack sessions. | 6.5 |
| 2020-03-12 | CVE-2020-5961 | Incomplete Cleanup vulnerability in Nvidia Virtual GPU Graphics Driver NVIDIA vGPU graphics driver for guest OS contains a vulnerability in which an incorrect resource clean up on a failure path can impact the guest VM, leading to denial of service. | 5.5 |
| 2019-12-30 | CVE-2012-5663 | Incomplete Cleanup vulnerability in Openbsd Textproc/Isearch The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp). | 7.5 |
| 2019-12-18 | CVE-2019-8768 | Incomplete Cleanup vulnerability in Apple mac OS X "Clear History and Website Data" did not clear the history. | 5.3 |
| 2019-12-18 | CVE-2019-8730 | Incomplete Cleanup vulnerability in Apple mac OS X The contents of locked notes sometimes appeared in search results. | 3.3 |
| 2019-12-18 | CVE-2019-8550 | Incomplete Cleanup vulnerability in Apple mac OS X An issue existed in the pausing of FaceTime video. | 4.3 |
| 2019-12-18 | CVE-2019-8548 | Incomplete Cleanup vulnerability in Apple Watchos An issue existed where partially entered passcodes may not clear when the device went to sleep. | 2.4 |
| 2019-12-16 | CVE-2019-18191 | Incomplete Cleanup vulnerability in Trendmicro Deep Security AS a Service A privilege escalation vulnerability in the Trend Micro Deep Security as a Service Quick Setup cloud formation template could allow an authenticated entity with certain unrestricted AWS execution privileges to escalate to full privileges within the target AWS account. | 8.8 |
| 2019-10-10 | CVE-2019-17420 | Incomplete Cleanup vulnerability in multiple products In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending. | 5.3 |
| 2019-09-30 | CVE-2019-3733 | Incomplete Cleanup vulnerability in multiple products RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. | 4.9 |