193 matches found
EUVD-2022-0041
Malicious code in bioql PyPI...
CVE-2025-34210
Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA/SaaS deployments store a large number of sensitive credentials database passwords, MySQL root password, SaaS keys, Portainer admin password, etc. in cleartext files that are world-readable. Any local user - or any proces...
CVE-2025-34210 Vasion Print (formerly PrinterLogic) Readable Cleartext Passwords
Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA/SaaS deployments store a large number of sensitive credentials database passwords, MySQL root password, SaaS keys, Portainer admin password, etc. in cleartext files that are world-readable. Any local user - or any proces...
CVE-2025-34210
The CVE concerns Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SAAS deployments). The connected sources confirm that sensitive credentials (database passwords, MySQL root password, SaaS keys, Portainer admin password, etc.) are stored in cleartext files that are ...
CVE-2025-34210 Vasion Print (formerly PrinterLogic) Readable Cleartext Passwords
Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA/SaaS deployments store a large number of sensitive credentials database passwords, MySQL root password, SaaS keys, Portainer admin password, etc. in cleartext files that are world-readable. Any local user - or any proces...
PT-2025-40402
Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA/SaaS deployments affected versions not specified Description The software stores a significant number of sensitive credentials, including database passwords, MySQL ro...
IBM: IBM Aspera HTTP Gateway stores sensitive information in clear text in easily obtainable files which can be read by an unauthenticated user.
The IBM Aspera HTTP Gateway stored sensitive information in clear text in easily obtainable files, which could be read by an unauthenticated user. The issue was submitted to IBM, analyzed, and remediated...
Linux Distros Unpatched Vulnerability : CVE-2008-4870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dovecot 1.0.7 in Red Hat Enterprise Linux RHEL 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the...
SUSE CVE-2025-52900
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the...
CVE-2025-52900 File Browser has Insecure File Permissions
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the...
CVE-2025-32803
CVE-2025-32803 affects ISC Kea log/lease files that can be world-readable. Affected Kea versions: 2.4.0–2.4.1, 2.6.0–2.6.2, 2.7.0–2.7.8. The CVE is categorized with LOCAL attack vector, low confidentiality impact, and no exploitation details provided in the initial documents. Connected advisories...
CVE-2025-32803
In some cases, Kea log files or lease files may be world-readable. This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8...
PT-2025-23106
Name of the Vulnerable Software and Affected Versions Kea versions 2.4.0 through 2.4.1 Kea versions 2.6.0 through 2.6.2 Kea versions 2.7.0 through 2.7.8 Description In some cases, Kea log files or lease files may be world-readable. Recommendations For Kea versions 2.4.0 through 2.4.1, update to a...
CVE-2025-24788
snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on th...
CVE-2024-29962
Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. This could allow a local user without the required privileges to access sensitive information or a Java binary...
CVE-2018-20952
cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor SEC-388...
CVE-1999-0408
Files created from interactive shell sessions in Cobalt RaQ microservers e.g. .bashhistory are world readable, and thus are accessible from the web server...
OESA-2025-1469 cobbler security update
Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...
OESA-2025-1468 cobbler security update
Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...
Linux Distros Unpatched Vulnerability : CVE-2017-1000383
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Emacs version 25.3.1 and other versions most likely ignores umask when creating a backup save file ORIGINALFILENAME resulting in files that may be world...