4645 matches found
CVE-2025-58180
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.11.2 contain a vulnerability that allows an authenticated attacker to upload a file under a specially crafted filename that will allow arbitrary command execution if said filename...
CVE-2025-58761
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. The realpmsimageproxy endpoint in Tautulli v2.15.3 and prior is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. The realpmsimageproxy i...
Linux Distros Unpatched Vulnerability : CVE-2020-18185
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modifying the configuration file in a Linux environment. CVE-2020-18185 Note th...
Linux Distros Unpatched Vulnerability : CVE-2019-9823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server...
Linux Distros Unpatched Vulnerability : CVE-2018-10057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary...
QuerySniper
🎯 QuerySniper - Advanced Vulnerability Research Toolkit Query...
Roo Code Security Vulnerability
Roo Code is an AI-based autonomous coding agent from Roo Code. A security vulnerability exists in Roo Code version 3.25.23 and earlier, which stems from inadequate configuration file protection and could lead to arbitrary code execution...
GHSA-M63C-3RMG-R2CF XWiki configuration files can be accessed through jsx and sx endpoints
Impact It's possible to get access and read configuration files by using URLs such as http://localhost:8080/bin/ssx/Main/WebHome?resource=../../WEB-INF/xwiki.cfg&minify=false. This can apparently be reproduced on Tomcat instances. Patches This has been patched in 17.4.0-rc-1, 16.10.7. Workarounds...
Linux Distros Unpatched Vulnerability : CVE-2019-3992
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration fil...
Connection to Veeam Software Appliance Fails With: "Authentication failed: invalid credentials"
Challenge When attempting to use local account credentials to connect to a Veeam Software Appliance that is joined to a domain, the Console fails to connect with the error: Authentication failed: invalid credentials Cause This error occurs due to an account collision caused by the...
CVE-2025-29514
Incorrect access control in the config.xgi function of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to download the configuration file via providing a crafted web request...
CVE-2025-30063
The configuration file containing database logins and passwords is readable by any local user...
Linux Distros Unpatched Vulnerability : CVE-2020-5213
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In NetHack before 3.6.5, too long of a value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code...
Linux Distros Unpatched Vulnerability : CVE-2019-19920
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval rather than...
CGM CLININET Information Disclosure Vulnerability
CGM CLININET is a hospital information management system from CGM Germany. An information disclosure vulnerability exists in CGM CLININET. The vulnerability stems from a configuration file that contains database login information and can be read by a local user, which can be exploited by an...
CVE-2025-30063
Technical details for CVE-2025-30063 are not publicly available in the provided documents. The connected EUVD entries do not reveal affected products, root cause, or remediation for this CVE. Monitor for updates.
CVE-2025-30063 Excessive permissions on configuration files containing database logins and passwords
The configuration file containing database logins and passwords is readable by any local user...
CGM CLININET Security Vulnerability
CGM CLININET is a hospital information management system from the German company CGM. A security vulnerability exists in CGM CLININET, which originates from a configuration file that contains database login information and can be read by a local user, potentially leading to information disclosure...
Linux Distros Unpatched Vulnerability : CVE-2022-3793
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An improper authorization issue in GitLab CE/EE affecting all versions from 14.4 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an...