Filtered by vendor Vladtheenterprising Project
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-4995 | 1 Vladtheenterprising Project | 1 Vladtheenterprising | 2018-01-30 | 1.9 LOW | 7.0 HIGH |
Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed. | |||||
CVE-2014-4996 | 1 Vladtheenterprising Project | 1 Vladtheenterprising | 2018-01-30 | 2.1 LOW | 5.5 MEDIUM |
lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#{target_host}. |