CVE-2024-20280

A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with access to a backup file to learn sensitive information that is stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method that is used fo...

PT-2025-11273 · Ibm · Ibm Security Qradar Edr

Name of the Vulnerable Software and Affected Versions: IBM Security QRadar version 3.12 EDR Description: The issue allows a local privileged user to read user credentials stored in plain text. Recommendations: For IBM Security QRadar version 3.12 EDR, consider restricting access to sensitive area...

SUSE CVE-2012-2389

hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials...

Security update for strongswan (important)

openSUSE Security Update: Security update for strongswan Announcement ID: openSUSE-SU-2019:2594-1 Rating: important References: 1093536 1094462 1107874 1109845 Cross-References: CVE-2018-10811 CVE-2018-16151 CVE-2018-16152 CVE-2018-17540 CVE-2018-5388 Affected Products: openSUSE Leap 15.0 An upda...

ceph-deploy: keyring permissions are world readable in ~ceph

It was discovered that ceph-deploy, a utility for deploying Red Hat Ceph Storage, would create the keyring file with world readable permissions, which could possibly allow a local user to obtain authentication credentials from the keyring file...