Vulnerabilities > Incomplete Cleanup
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-04 | CVE-2018-18924 | Incomplete Cleanup vulnerability in Projeqtor The image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to execute arbitrary code by uploading a .shtml file with "#exec cmd" because rejected files remain on the server, with predictable filenames, after a "This file is not a valid image" error message. | 8.8 |
| 2018-10-30 | CVE-2018-18281 | Incomplete Cleanup vulnerability in multiple products Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. | 7.8 |
| 2018-10-05 | CVE-2018-15407 | Incomplete Cleanup vulnerability in Cisco Hyperflex HX Data Platform 3.0(1A) A vulnerability in the installation process of Cisco HyperFlex Software could allow an authenticated, local attacker to read sensitive information. | 5.5 |
| 2018-09-11 | CVE-2018-11068 | Incomplete Cleanup vulnerability in Dell Bsafe Ssl-J RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material. | 4.6 |
| 2018-06-17 | CVE-2018-12332 | Incomplete Cleanup vulnerability in Ecos Secure Boot Stick Firmware 5.6.5 Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset. | 4.2 |
| 2017-12-02 | CVE-2017-17090 | Incomplete Cleanup vulnerability in Digium Certified Asterisk An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. | 7.5 |
| 2017-10-27 | CVE-2017-0303 | Incomplete Cleanup vulnerability in F5 products In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. | 7.5 |
| 2005-07-18 | CVE-2005-2293 | Incomplete Cleanup vulnerability in Oracle Forms Builder 9.0.4 Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is not deleted after it is used, which allows local users to obtain sensitive information. | 5.5 |
| 2005-05-24 | CVE-2005-1744 | Incomplete Cleanup vulnerability in BEA Weblogic Server BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without having to log in again, which may be in violation of newly changed security constraints or role mappings. | 9.8 |
| 2002-12-31 | CVE-2002-2070 | Incomplete Cleanup vulnerability in Accessdata Secureclean 3 SecureClean 3 build 2.0 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |