Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-42605

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00516EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/05 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2016-6494

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these...

5.5CVSS6AI score0.0037EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:24 a.m.6 views

CVE-2024-3404

In gaizhenbiao/chuanhuchatgpt, specifically the version tagged as 20240121, there exists a vulnerability due to improper access control mechanisms. This flaw allows an authenticated attacker to bypass intended access restrictions and read the history files of other users, potentially leading to...

6.5CVSS6.2AI score0.00503EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/06/06 6:45 p.m.27 views

CVE-2024-3404 Improper Access Control in gaizhenbiao/chuanhuchatgpt

In gaizhenbiao/chuanhuchatgpt, specifically the version tagged as 20240121, there exists a vulnerability due to improper access control mechanisms. This flaw allows an authenticated attacker to bypass intended access restrictions and read the history files of other users, potentially leading to...

6.5CVSS0.00503EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.18 views

Debian: Security Advisory (DLA-577-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS4AI score0.00484EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/04/23 12:0 a.m.257 views

MongoDB 2.x, 3.0.x < 3.0.15, 3.1.x < 3.2.14, 3.3.x < 3.3.14 Mongo Shell Information Disclosure Vulnerability (SERVER-25335)

The version of the remote MongoDB server is 2.x, 3.x 3.0.15, 3.2.x 3.2.14, 3.3.x 3.3.14. It is, therefore, affected by an information disclosure in mongo shell due to the MongoDB client having world-readable permissions on .dbshell history files. An unauthenticated, local attacker can exploit thi...

5.5CVSS6.4AI score0.0037EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2020/02/18 8:0 p.m.25 views

CVE-2016-6494

The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files...

5.5CVSS1.5AI score0.0037EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/10/13 12:0 a.m.26 views

MongoDB Client 'dbshell' Information Disclosure Vulnerability (SERVER-25335) - Linux

MongoDB is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb";...

5.5CVSS5.5AI score0.0037EPSS
Exploits0References3
OSV
OSV
added 2016/10/03 6:59 p.m.3 views

CVE-2016-6494

The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files...

5.5CVSS5.2AI score
Exploits0References8
UbuntuCve
UbuntuCve
added 2016/10/03 6:59 p.m.33 views

CVE-2016-6494

The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files...

5.5CVSS6.5AI score0.0037EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/10/03 6:0 p.m.31 views

CVE-2016-6494

The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files...

5AI score0.0037EPSS
Exploits0References8
Mageia
Mageia
added 2016/08/31 5:34 p.m.32 views

Updated redis packages fix security vulnerability

It was discovered that redis did not properly protect redis-cli history files; they were created by default with world-readable permissions CVE-2013-7458...

3.3CVSS1.4AI score0.00484EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/08/01 12:0 a.m.40 views

Debian DLA-577-1 : redis security update

It was discovered that the redis-cli tool in redis an in-memory key-value database created world-readable history files. For Debian 7 'Wheezy', this issue has been fixed in redis version 2:2.4.14-1+deb7u1. We recommend that you upgrade your redis packages. NOTE: Tenable Network Security has...

3.3CVSS6.2AI score0.00484EPSS
Exploits0References3
Debian
Debian
added 2016/07/30 5:23 p.m.38 views

[SECURITY] [DLA 577-1] redis security update

Package : redis Version : 2:2.4.14-1+deb7u1 CVE ID : CVE-2013-7458 Debian Bug : 832460 It was discovered that the redis-cli tool in redis an in-memory key-value database created world-readable history files. For Debian 7 "Wheezy", this issue has been fixed in redis version 2:2.4.14-1+deb7u1. We...

3.3CVSS3.6AI score0.00484EPSS
Exploits0
OSV
OSV
added 2016/07/30 12:0 a.m.21 views

DLA-577-1 redis - security update

Bulletin has no description...

3.3CVSS3.9AI score0.00484EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Microsoft Internet Explorer 5.0 FTP Password Storage Vulnerability

No description provided by source. Microsoft Internet Explorer 5.0 for Windows 2000/Windows NT 4 FTP Password Storage Vulnerability source: http://www.securityfocus.com/bid/610/info FTP usernames and passwords for sites accessed via Internet Explorer 5.X are stored cleartext in history files stor...

7.1AI score
Exploits0
CVE
CVE
added 2001/09/18 4:0 a.m.58 views

CVE-2001-0378

CVE-2001-0378 affects OpenBSD readline prior to 4.1 (OpenBSD 2.8 and earlier). The vulnerability stems from creating readline history files with insecure permissions, allowing a local attacker to recover potentially sensitive information via history files. The NVD metrics list a base score of 2.1...

2.1CVSS6.3AI score0.00309EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.18 views

CVE-1999-1446

Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored...

6.6AI score0.02027EPSS
Exploits0References2
Rows per page
Query Builder