Lucene search
K

193 matches found

OSV
OSV
added 2022/09/13 9:15 p.m.5 views

CVE-2022-39821

In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem...

7.5CVSS5.8AI score0.00633EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/03/29 12:0 a.m.6 views

Data Transfer Project 安全漏洞

Google Data Transfer Project is an open source data transfer project of the U.S. company Google Google. It enables people to easily transfer data between online service providers. A security vulnerability exists in data-transfer-project that originates on Unix-like systems where the system...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/02/21 12:0 a.m.41 views

Incorrect Default Permissions in Cobbler

An issue was discovered in Cobbler before 3.3.1. Files in /etc/cobbler are world readable. Two of those files contain some sensitive information that can be exposed to a local user who has non-privileged access to the server. The users.digest file contains the sha2-512 digest of users in a Cobble...

7.1CVSS1.1AI score0.00311EPSS
Exploits0References12Affected Software1
PyPA
PyPA
added 2022/02/20 6:15 p.m.6 views

PYSEC-2022-38

An issue was discovered in Cobbler before 3.3.1. Files in /etc/cobbler are world readable. Two of those files contain some sensitive information that can be exposed to a local user who has non-privileged access to the server. The users.digest file contains the sha2-512 digest of users in a Cobble...

7.1CVSS6.4AI score0.00311EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/01/12 12:0 a.m.4 views

PT-2022-12304 · Cobbler +2 · Cobbler +2

Name of the Vulnerable Software and Affected Versions: Cobbler versions prior to 3.3.1 Description: An issue was discovered where files in /etc/cobbler are world readable, exposing sensitive information to local users with non-privileged access. The users.digest file contains the sha2-512 digest ...

10CVSS7.6AI score0.88482EPSS
Exploits6References89
ATTACKERKB
ATTACKERKB
added 2021/11/07 6:15 p.m.2 views

CVE-2021-43413

An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pager port is shared among everyone who mmaps a file, allowing anyone to modify any files that they can read. This can be trivially exploited to get full root access...

9CVSS7.2AI score0.0191EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2020/11/04 1:31 a.m.8 views

grafana: information disclosure through world-readable grafana configuration files

An information-disclosure flaw was found in Grafana distributed by Red Hat. This flaw allows a local attacker access to potentially sensitive information such as secretkey and a bindpassword from the world-readable files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml...

5.5CVSS7.1AI score0.00318EPSS
Exploits0References4
OSV
OSV
added 2020/08/18 5:41 p.m.5 views

MGASA-2020-0326 Updated targetcli packages fix security vulnerability

An access flaw was found in targetcli, where the /etc/target and underneath backup directory/files were world-readable. This flaw allows a local attacker to access potentially sensitive information such as authentication credentials from the /etc/target/saveconfig.json and backup files. The highe...

5.5CVSS5.2AI score0.00335EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2020/07/06 5:11 a.m.78 views

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

cve-2020-5902 cve-2020-5902 POC exploit bash POC CVE-2020-...

10CVSS8AI score0.99999EPSS
Exploits60
RedHat Linux
RedHat Linux
added 2020/06/02 3:34 p.m.4 views

grafana: information disclosure through world-readable grafana configuration files

An information-disclosure flaw was found in Grafana distributed by Red Hat. This flaw allows a local attacker access to potentially sensitive information such as secretkey and a bindpassword from the world-readable files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml...

5.5CVSS7.1AI score0.00318EPSS
Exploits0References4
OSV
OSV
added 2020/05/04 10:15 a.m.5 views

CVE-2020-1631

A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN DVPN, Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning ZTP allows an unauthenticated attacker to perform local file inclusion LFI or path traversal. Using this vulnerability...

9.8CVSS7.2AI score0.04725EPSS
Exploits0References2
CNVD
CNVD
added 2020/04/30 12:0 a.m.2 views

Grafana Information Disclosure Vulnerability (CNVD-2020-27229)

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. An information disclosure vulnerability exists in Grafana 6.7.3 and earlier versions,...

5.5CVSS7.9AI score0.00465EPSS
Exploits1
OSV
OSV
added 2020/03/10 8:56 p.m.16 views

GHSA-8867-VPM3-G98G Incorrect Default Permissions in keyring

Python keyring has insecure permissions on new databases, allowing world-readable files to be created...

8.7CVSS6.2AI score0.0045EPSS
Exploits0References11
BDU FSTEC
BDU FSTEC
added 2020/02/11 12:0 a.m.9 views

The vulnerability of the Junos operating system arises from an incorrect path limitation for the access-limited directory. This allows attackers to gain access to files with a “world” read permission, or to delete any files with a “world” permission.

The vulnerability of the Junos operating system exists due to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain read access to files with the "world" permission, or to delete any files...

5.5CVSS6.5AI score0.00931EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2019/11/26 1:56 p.m.13 views

CVE-2016-3192

Cloudera Manager 5.x before 5.7.1 places Sensitive Data in cleartext Readable Files...

6.5AI score0.0061EPSS
Exploits0References1
OSV
OSV
added 2019/11/25 1:15 p.m.11 views

CVE-2012-5578

Python keyring has insecure permissions on new databases allowing world-readable files to be created...

6.2CVSS6.2AI score0.0045EPSS
Exploits0References11
Prion
Prion
added 2019/11/25 1:15 p.m.16 views

Code injection

Python keyring has insecure permissions on new databases allowing world-readable files to be created...

2.1CVSS7AI score0.0045EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2019/11/25 1:15 p.m.28 views

CVE-2012-5578

Python keyring has insecure permissions on new databases allowing world-readable files to be created...

6.2CVSS6.5AI score0.0045EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/11/25 1:1 p.m.26 views

CVE-2012-5578

Python keyring has insecure permissions on new databases allowing world-readable files to be created...

6.2AI score0.0045EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2019/11/25 1:1 p.m.47 views

CVE-2012-5578

Python keyring has insecure permissions on new databases allowing world-readable files to be created...

6.2CVSS6.3AI score0.0045EPSS
Exploits0
Rows per page
Query Builder