Vulnerabilities > Microsoft > Windows > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-08-24 | CVE-2012-0713 | Multiple Security vulnerability in IBM DB2 Unspecified vulnerability in the XML feature in IBM DB2 9.7 before FP6 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary XML files via unknown vectors. | 3.5 |
2011-11-09 | CVE-2011-3649 | Information Exposure vulnerability in Mozilla Firefox and Thunderbird Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D (aka D2D) API is used on Windows in conjunction with the Azure graphics back-end, allow remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas. | 2.6 |
2011-08-09 | CVE-2008-7292 | Information Exposure vulnerability in Mozilla Bugzilla Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2011-2977. | 2.1 |
2011-08-09 | CVE-2011-2977 | Multiple Security vulnerability in Bugzilla Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. | 2.1 |
2010-12-17 | CVE-2010-2603 | Cryptographic Issues vulnerability in RIM Blackberry Desktop Software RIM BlackBerry Desktop Software 4.7 through 6.0 for PC, and 1.0 for Mac, uses a weak password to encrypt a database backup file, which makes it easier for local users to decrypt the file via a brute force attack. | 2.1 |
2010-12-09 | CVE-2010-0530 | Permissions, Privileges, and Access Controls vulnerability in Apple Quicktime Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory. | 2.1 |
2010-07-15 | CVE-2010-1967 | Unspecified vulnerability in HP Insight Software Installer 3.00/3.10 Unspecified vulnerability in HP Insight Software Installer for Windows before 6.1 allows local users to read or modify data via unknown vectors. | 3.6 |
2010-07-13 | CVE-2010-0900 | Remote vulnerability in Oracle Network Layer Unspecified vulnerability in the Network Layer component in Oracle Database Server 9.2.0.8, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1, when running on Windows, allows remote attackers to affect availability via unknown vectors. | 2.6 |
2009-03-31 | CVE-2008-6561 | Information Exposure vulnerability in Citrix Presentation Server Client 10.200 Citrix Presentation Server Client for Windows before 10.200 does not clear "credential information" from process memory in unspecified circumstances, which might allow local users to gain privileges. | 1.9 |
2009-02-10 | CVE-2009-0437 | Information Exposure vulnerability in IBM Websphere Application Server 6.0.2 The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6.0.2 on Windows, when WAS is registered as a Windows service, allows local users to obtain sensitive information by reading the logs/instconfigifwas6.log log file. | 1.9 |