Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

48 matches found

OSV
OSVadded 2021/08/30 6:15 p.m.2 views

UBUNTU-CVE-2021-27019

PuppetDB logging included potentially sensitive system information...

4.3CVSS5.8AI score0.00712EPSS
Exploits0References3
Prion
Prionadded 2021/08/30 6:15 p.m.15 views

Information disclosure

PuppetDB logging included potentially sensitive system information...

4CVSS4.6AI score0.00712EPSS
Exploits0References1Affected Software2
CVE
CVEadded 2021/08/30 5:56 p.m.59 views

CVE-2021-27019

Technical details about CVE-2021-27019 are not publicly available in the provided connected documents; descriptions reiterate information disclosure through PuppetDB logging. Monitor for updates.

4.3CVSS4.5AI score0.00712EPSS
Exploits0References1Affected Software2
Debian CVE
Debian CVEadded 2021/08/30 5:56 p.m.19 views

CVE-2021-27019

PuppetDB logging included potentially sensitive system information...

4.3CVSS5.2AI score0.00712EPSS
Exploits0
Cvelist
Cvelistadded 2021/08/30 5:56 p.m.22 views

CVE-2021-27019

PuppetDB logging included potentially sensitive system information...

4.9AI score0.00712EPSS
Exploits0References1
OSV
OSVadded 2021/07/20 11:15 a.m.2 views

DEBIAN-CVE-2021-27021

A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query...

8.8CVSS8.1AI score0.01262EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2021/06/29 12:0 a.m.20 views

FreeBSD : PuppetDB -- SQL Injection (41bc849f-d5ef-11eb-ae37-589cfc007716)

Puppet reports : Fixed an issue where someone with the ability to query PuppetDB could arbitrarily write, update, or delete data CVE-2021-27021 PDB-5138. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuX...

8.8CVSS7.8AI score0.01262EPSS
Exploits0References4
FreeBSD
FreeBSDadded 2021/06/24 12:0 a.m.35 views

PuppetDB -- SQL Injection

Puppet reports: Fixed an issue where someone with the ability to query PuppetDB could arbitrarily write, update, or delete data CVE-2021-27021 PDB-5138...

8.8CVSS2.5AI score0.01262EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2020/08/11 12:0 a.m.51 views

FreeBSD : puppetdb -- Multiple vulnerabilities (10e3ed8a-db7f-11ea-8bdf-643150d3111d)

Puppetlabs reports : In June 2020, jackson-databind published security updates addressing several CVEs. Previous releases of PuppetDB contain a vulnerable version of jackson.core:jackson-databind. PuppetDB 5.2.18 contains an updated version of jackson-databind that has patched the vulnerabilities...

9.8CVSS7.2AI score0.18345EPSS
Exploits0References7
FreeBSD
FreeBSDadded 2020/07/23 12:0 a.m.55 views

puppetdb -- Multiple vulnerabilities

Puppetlabs reports: In June 2020, jackson-databind published security updates addressing several CVEs. Previous releases of PuppetDB contain a vulnerable version of jackson.core:jackson-databind. PuppetDB 5.2.18 contains an updated version of jackson-databind that has patched the vulnerabilities...

9.8CVSS2.1AI score0.18345EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2020/04/27 8:9 p.m.19 views

CVE-2020-7943

A flaw was found where the metrics API endpoints of Puppet Server and PuppetDB leaked sensitive information to the local network. Listening to these network endpoints could allow attackers the ability to exploit additional computer systems. The highest impact of this flaw is confidentiality...

7.5CVSS3.9AI score0.07884EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2020/03/24 12:0 a.m.43 views

FreeBSD : puppetserver and puppetdb -- Puppet Server and PuppetDB may leak sensitive information via metrics API (36def7ba-6d2b-11ea-b115-643150d3111d)

Puppetlabs reports : Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as...

7.5CVSS7.5AI score0.07884EPSS
Exploits0References3
NVD
NVDadded 2020/03/11 11:15 p.m.17 views

CVE-2020-7943

Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as well as function names...

7.5CVSS7.3AI score0.07884EPSS
Exploits0References1
OSV
OSVadded 2020/03/11 11:15 p.m.2 views

DEBIAN-CVE-2020-7943

Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as well as function names...

7.5CVSS7.6AI score0.07884EPSS
Exploits0References1
OSV
OSVadded 2020/03/11 11:15 p.m.22 views

CVE-2020-7943

Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as well as function names...

7.5CVSS6.2AI score0.07884EPSS
Exploits0References1
OSV
OSVadded 2020/03/11 11:15 p.m.0 views

UBUNTU-CVE-2020-7943

Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as well as function names...

7.5CVSS5.8AI score0.07884EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2020/03/11 11:15 p.m.18 views

CVE-2020-7943

Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as well as function names...

7.5CVSS7.1AI score0.07884EPSS
Exploits0References2
Prion
Prionadded 2020/03/11 11:15 p.m.13 views

Design/Logic Flaw

Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as well as function names...

5CVSS7.3AI score0.07884EPSS
Exploits0References1Affected Software3
CVE
CVEadded 2020/03/11 9:56 p.m.145 views

CVE-2020-7943

CVE-2020-7943 affects Puppet Server and PuppetDB, where the metrics API endpoints may disclose sensitive information. The issue stems from exposed metrics data (for PuppetDB: hostnames; for Puppet Server: resource names, titles, function names, and class names) when these endpoints were accessibl...

7.5CVSS7.2AI score0.07884EPSS
Exploits0References1Affected Software3
Debian CVE
Debian CVEadded 2020/03/11 9:56 p.m.16 views

CVE-2020-7943

Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as well as function names...

7.5CVSS7.6AI score0.07884EPSS
Exploits0
Rows per page
Query Builder