2198 matches found
UBUNTU-CVE-2016-8637
A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...
DEBIAN-CVE-2016-8637
A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...
CVE-2016-8637
A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...
CVE-2016-8637
A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...
CVE-2017-2621
An access-control flaw was found in the OpenStack Orchestration heat service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information...
CVE-2017-2621
An access-control flaw was found in the OpenStack Orchestration heat service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information...
UBUNTU-CVE-2017-2621
An access-control flaw was found in the OpenStack Orchestration heat service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information...
CVE-2017-2621
An access-control flaw was found in the OpenStack Orchestration heat service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information...
CVE-2017-2622
An accessibility flaw was found in the OpenStack Workflow mistral service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information...
UBUNTU-CVE-2017-2622
An accessibility flaw was found in the OpenStack Workflow mistral service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information...
CVE-2017-2622
An accessibility flaw was found in the OpenStack Workflow mistral service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information...
CVE-2017-2622
An accessibility flaw was found in the OpenStack Workflow mistral service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information...
PT-2018-7143 · Openstack · Openstack Workflow
Name of the Vulnerable Software and Affected Versions: OpenStack Workflow mistral affected versions not specified Description: An accessibility flaw was found in the OpenStack Workflow mistral service where a service log directory was improperly made world readable. A malicious system user could...
PT-2018-7142 · Openstack · Openstack Orchestration (Heat) Service
Name of the Vulnerable Software and Affected Versions: OpenStack Orchestration heat service versions prior to 8.0.0 OpenStack Orchestration heat service version 6.1.0 OpenStack Orchestration heat service version 7.0.2 Description: An access-control flaw was found in the OpenStack Orchestration he...
CVE-2017-12167
It was found in EAP 7 before 7.0.9 that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system...
CVE-2017-12167
It was found in EAP 7 before 7.0.9 that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system...
CVE-2017-12167
CVE-2017-12167 affects Red Hat JBoss EAP 7.x prior to 7.0.9. The flaw is in properties-based files used for management and application realm configuration where user-to-role mappings are world-readable, enabling information disclosure of users/roles to any authenticated user. Connected advisories...
SUSE SLED12 / SLES12 Security Update : rsyslog (SUSE-SU-2018:2038-1)
This update for rsyslog fixes the following issues: The following security vulnerability was addressed : - CVE-2015-3243: Make sure that log files are not created world-readable bsc935393 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...
SUSE-SU-2018:2038-1 Security update for rsyslog
This update for rsyslog fixes the following issues: The following security vulnerability was addressed: CVE-2015-3243: Make sure that log files are not created world-readable bsc935393...
CVE-2018-0392
A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions i.e., World-Readable. An attacker could exploit this vulnerability by logging in to the CLI. An...