Vulnerabilities > Incomplete Cleanup
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-2307 | Incomplete Cleanup vulnerability in Gitlab A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious Group Owner to retain a usable Group Access Token even after the Group is deleted, though the APIs usable by that token are limited. | 3.8 |
| 2022-06-15 | CVE-2022-21166 | Incomplete Cleanup vulnerability in multiple products Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2022-06-15 | CVE-2022-21123 | Incomplete Cleanup vulnerability in multiple products Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2022-06-15 | CVE-2022-21125 | Incomplete Cleanup vulnerability in multiple products Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2022-06-15 | CVE-2022-21127 | Incomplete Cleanup vulnerability in multiple products Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2022-05-20 | CVE-2022-29160 | Incomplete Cleanup vulnerability in Nextcloud Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. | 3.3 |
| 2022-05-03 | CVE-2022-1473 | Incomplete Cleanup vulnerability in multiple products The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. | 7.5 |
| 2022-04-15 | CVE-2021-36205 | Incomplete Cleanup vulnerability in Johnsoncontrols products Under certain circumstances the session token is not cleared on logout. | 9.8 |
| 2022-02-09 | CVE-2021-45330 | Incomplete Cleanup vulnerability in Gitea An issue exsits in Gitea through 1.15.7, which could let a malicious user gain privileges due to client side cookies not being deleted and the session remains valid on the server side for reuse. | 9.8 |
| 2022-01-25 | CVE-2022-23035 | Incomplete Cleanup vulnerability in multiple products Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device. | 4.6 |