Vulnerabilities > Incomplete Cleanup

DATE CVE VULNERABILITY TITLE RISK
2021-01-07 CVE-2020-13451 Incomplete Cleanup vulnerability in Thecodingmachine Gotenberg
An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg through 6.2.1 allows an attacker to overwrite LibreOffice configuration files and execute arbitrary code via macros.
network
low complexity
thecodingmachine CWE-459
7.5
2020-10-02 CVE-2020-5987 Incomplete Cleanup vulnerability in Nvidia Virtual GPU Manager
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or escalation of privileges.
local
low complexity
nvidia CWE-459
4.6
2020-09-10 CVE-2020-15024 Incomplete Cleanup vulnerability in Avast Antivirus 20.1.5069.562
An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562.
local
low complexity
avast CWE-459
5.5
2020-08-11 CVE-2020-0258 Incomplete Cleanup vulnerability in Google Android 10.0
In stopZygoteLocked of AppZygote.java, there is an insufficient cleanup.
local
low complexity
google CWE-459
4.9
2020-07-09 CVE-2020-12414 Incomplete Cleanup vulnerability in Mozilla Firefox
IndexedDB should be cleared when leaving private browsing mode and it is not, the API for WKWebViewConfiguration was being used incorrectly and requires the private instance of this object be deleted when leaving private mode.
network
mozilla CWE-459
4.3
2020-06-16 CVE-2020-12494 Incomplete Cleanup vulnerability in Beckhoff Twincat and Twincat Driver
Beckhoff's TwinCAT RT network driver for Intel 8254x and 8255x is providing EtherCAT functionality.
network
low complexity
beckhoff CWE-459
5.0
2020-06-15 CVE-2020-0543 Incomplete Cleanup vulnerability in multiple products
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
5.5
2020-05-11 CVE-2020-10685 Incomplete Cleanup vulnerability in multiple products
A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules.
local
low complexity
redhat debian CWE-459
5.5
2019-12-30 CVE-2012-5663 Incomplete Cleanup vulnerability in Openbsd Textproc/Isearch
The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp).
network
low complexity
openbsd CWE-459
5.0
2019-12-18 CVE-2019-8768 Incomplete Cleanup vulnerability in Apple mac OS X
"Clear History and Website Data" did not clear the history.
network
low complexity
apple CWE-459
5.0