13 matches found
EUVD-2018-1781
Malware in sbrugna...
DEBIAN-CVE-2022-48893
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Cleanup partial engine discovery failures If we abort driver initialisation in the middle of gt/engine discovery, some engines will be fully setup and some not. Those incompletely setup engines only have...
RHEL 8 : ovirt-hosted-engine-setup (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ovirt-hosted-engine-setup: root password exposed in log file CVE-2018-1000018 Note that Nessus has not tested for...
SolarWinds MSP PME Cache Service Insecure File Permissions / Code Execution Exploit
SolarWinds MSP PME Cache Service versions prior to 1.1.15 suffer from insecure file permission and code execution vulnerabilities. Title: SolarWinds MSP PME Cache Service - Insecure File Permissions / Code Execution Author: Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG GitHub:...
Default credentials
ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered password when choosing manual db provisioning. When engine-setup was run and one chooses to provision the database manually or connect to a remote database, the password input was logged in cleartext during the verification step...
Acunetix v12 - More Comprehensive, More Accurate and now 2X Faster
In-depth analysis of JavaScript-rich sites and Single Page Applications Acunetix, the pioneer in automated web application security software, has announced the release of version 12. This new version provides support for JavaScript ES7 to better analyse sites which rely heavily on JavaScript such...
CVE-2018-1000018
An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's password in the log file...
Information disclosure
An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's password in the log file...
CVE-2018-1000018
CVE-2018-1000018 affects ovirt-hosted-engine-setup prior to version 2.2.7, exposing the root password in the setup log file. The connected sources corroborate an information disclosure vulnerability in that component/version, with multiple feeds (NVD, CNVD, Red Hat context) noting root-password e...
CVE-2018-1000018
An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's password in the log file...
CVE-2016-4443
Red Hat Enterprise Virtualization RHEV Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file...
PT-2016-5960 · Red Hat · Red Hat Enterprise Virtualization Manager
Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization RHEV Manager version 3.6 Description: The issue allows local users to access sensitive information, including encryption keys and certificates, by reading the engine-setup log file. Recommendations: For Red H...
org.ovirt.engine-root: engine-setup logs contained information for extracting admin password
A flaw was found in RHEV Manager, where it wrote sensitive data to the engine-setup log file. A local attacker could exploit this flaw to view sensitive information such as encryption keys and certificates which could then be used to steal other sensitive information such as passwords...