Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Vladtheenterprising Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-4995 1 Vladtheenterprising Project 1 Vladtheenterprising 2018-01-30 1.9 LOW 7.0 HIGH
Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed.
CVE-2014-4996 1 Vladtheenterprising Project 1 Vladtheenterprising 2018-01-30 2.1 LOW 5.5 MEDIUM
lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#{target_host}.