Lucene search
K

193 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2022-0041

Malicious code in bioql PyPI...

7.1CVSS8AI score0.00311EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2025/10/03 4:58 p.m.3 views

CVE-2025-34210

Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA/SaaS deployments store a large number of sensitive credentials database passwords, MySQL root password, SaaS keys, Portainer admin password, etc. in cleartext files that are world-readable. Any local user - or any proces...

9.4CVSS6.4AI score0.00146EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/10/02 4:13 p.m.10 views

CVE-2025-34210 Vasion Print (formerly PrinterLogic) Readable Cleartext Passwords

Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA/SaaS deployments store a large number of sensitive credentials database passwords, MySQL root password, SaaS keys, Portainer admin password, etc. in cleartext files that are world-readable. Any local user - or any proces...

9.4CVSS0.00146EPSS
Exploits1References4
CVE
CVE
added 2025/10/02 4:13 p.m.13 views

CVE-2025-34210

The CVE concerns Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SAAS deployments). The connected sources confirm that sensitive credentials (database passwords, MySQL root password, SaaS keys, Portainer admin password, etc.) are stored in cleartext files that are ...

9.4CVSS6.1AI score0.00146EPSS
Exploits1References4Affected Software2
Vulnrichment
Vulnrichment
added 2025/10/02 4:13 p.m.4 views

CVE-2025-34210 Vasion Print (formerly PrinterLogic) Readable Cleartext Passwords

Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA/SaaS deployments store a large number of sensitive credentials database passwords, MySQL root password, SaaS keys, Portainer admin password, etc. in cleartext files that are world-readable. Any local user - or any proces...

9.4CVSS6.1AI score0.00146EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/10/02 12:0 a.m.5 views

PT-2025-40402

Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA/SaaS deployments affected versions not specified Description The software stores a significant number of sensitive credentials, including database passwords, MySQL ro...

9.4CVSS6AI score0.00146EPSS
Exploits1References11
Hacker One
Hacker One
added 2025/09/16 4:33 p.m.9 views

IBM: IBM Aspera HTTP Gateway stores sensitive information in clear text in easily obtainable files which can be read by an unauthenticated user.

The IBM Aspera HTTP Gateway stored sensitive information in clear text in easily obtainable files, which could be read by an unauthenticated user. The issue was submitted to IBM, analyzed, and remediated...

5.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2008-4870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dovecot 1.0.7 in Red Hat Enterprise Linux RHEL 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the...

2.1CVSS5.5AI score0.00372EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/08/06 2:53 a.m.3 views

SUSE CVE-2025-52900

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the...

5.5CVSS6.9AI score0.0019EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/06/26 2:35 p.m.11 views

CVE-2025-52900 File Browser has Insecure File Permissions

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the...

5.5CVSS0.0019EPSS
Exploits1References2
CVE
CVE
added 2025/05/28 5:8 p.m.69 views

CVE-2025-32803

CVE-2025-32803 affects ISC Kea log/lease files that can be world-readable. Affected Kea versions: 2.4.0–2.4.1, 2.6.0–2.6.2, 2.7.0–2.7.8. The CVE is categorized with LOCAL attack vector, low confidentiality impact, and no exploitation details provided in the initial documents. Connected advisories...

4CVSS4.4AI score0.00212EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/05/28 5:8 p.m.6 views

CVE-2025-32803

In some cases, Kea log files or lease files may be world-readable. This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8...

4CVSS4.5AI score0.00212EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/28 12:0 a.m.3 views

PT-2025-23106

Name of the Vulnerable Software and Affected Versions Kea versions 2.4.0 through 2.4.1 Kea versions 2.6.0 through 2.6.2 Kea versions 2.7.0 through 2.7.8 Description In some cases, Kea log files or lease files may be world-readable. Recommendations For Kea versions 2.4.0 through 2.4.1, update to a...

7.8CVSS5.9AI score0.00233EPSS
Exploits0References42
RedhatCVE
RedhatCVE
added 2025/05/23 11:59 a.m.6 views

CVE-2025-24788

snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on th...

5.5CVSS6.5AI score0.00141EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:18 a.m.6 views

CVE-2024-29962

Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. This could allow a local user without the required privileges to access sensitive information or a Java binary...

5.5CVSS6.4AI score0.00183EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:59 a.m.7 views

CVE-2018-20952

cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor SEC-388...

6.5CVSS7AI score0.00875EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:9 p.m.11 views

CVE-1999-0408

Files created from interactive shell sessions in Cobalt RaQ microservers e.g. .bashhistory are world readable, and thus are accessible from the web server...

10CVSS7AI score0.01518EPSS
Exploits0References1
OSV
OSV
added 2025/05/09 12:42 p.m.6 views

OESA-2025-1469 cobbler security update

Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...

9.8CVSS7.1AI score0.88482EPSS
Exploits1References6
OSV
OSV
added 2025/05/09 12:42 p.m.6 views

OESA-2025-1468 cobbler security update

Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...

9.8CVSS7.1AI score0.88482EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2017-1000383

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Emacs version 25.3.1 and other versions most likely ignores umask when creating a backup save file ORIGINALFILENAME resulting in files that may be world...

5.5CVSS6.2AI score0.0042EPSS
Exploits0References3
Rows per page
Query Builder