18 matches found
EUVD-2022-42605
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-6494
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these...
CVE-2024-3404
In gaizhenbiao/chuanhuchatgpt, specifically the version tagged as 20240121, there exists a vulnerability due to improper access control mechanisms. This flaw allows an authenticated attacker to bypass intended access restrictions and read the history files of other users, potentially leading to...
CVE-2024-3404 Improper Access Control in gaizhenbiao/chuanhuchatgpt
In gaizhenbiao/chuanhuchatgpt, specifically the version tagged as 20240121, there exists a vulnerability due to improper access control mechanisms. This flaw allows an authenticated attacker to bypass intended access restrictions and read the history files of other users, potentially leading to...
Debian: Security Advisory (DLA-577-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MongoDB 2.x, 3.0.x < 3.0.15, 3.1.x < 3.2.14, 3.3.x < 3.3.14 Mongo Shell Information Disclosure Vulnerability (SERVER-25335)
The version of the remote MongoDB server is 2.x, 3.x 3.0.15, 3.2.x 3.2.14, 3.3.x 3.3.14. It is, therefore, affected by an information disclosure in mongo shell due to the MongoDB client having world-readable permissions on .dbshell history files. An unauthenticated, local attacker can exploit thi...
CVE-2016-6494
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files...
MongoDB Client 'dbshell' Information Disclosure Vulnerability (SERVER-25335) - Linux
MongoDB is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb";...
CVE-2016-6494
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files...
CVE-2016-6494
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files...
CVE-2016-6494
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files...
Updated redis packages fix security vulnerability
It was discovered that redis did not properly protect redis-cli history files; they were created by default with world-readable permissions CVE-2013-7458...
Debian DLA-577-1 : redis security update
It was discovered that the redis-cli tool in redis an in-memory key-value database created world-readable history files. For Debian 7 'Wheezy', this issue has been fixed in redis version 2:2.4.14-1+deb7u1. We recommend that you upgrade your redis packages. NOTE: Tenable Network Security has...
[SECURITY] [DLA 577-1] redis security update
Package : redis Version : 2:2.4.14-1+deb7u1 CVE ID : CVE-2013-7458 Debian Bug : 832460 It was discovered that the redis-cli tool in redis an in-memory key-value database created world-readable history files. For Debian 7 "Wheezy", this issue has been fixed in redis version 2:2.4.14-1+deb7u1. We...
DLA-577-1 redis - security update
Bulletin has no description...
Microsoft Internet Explorer 5.0 FTP Password Storage Vulnerability
No description provided by source. Microsoft Internet Explorer 5.0 for Windows 2000/Windows NT 4 FTP Password Storage Vulnerability source: http://www.securityfocus.com/bid/610/info FTP usernames and passwords for sites accessed via Internet Explorer 5.X are stored cleartext in history files stor...
CVE-2001-0378
CVE-2001-0378 affects OpenBSD readline prior to 4.1 (OpenBSD 2.8 and earlier). The vulnerability stems from creating readline history files with insecure permissions, allowing a local attacker to recover potentially sensitive information via history files. The NVD metrics list a base score of 2.1...
CVE-1999-1446
Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored...