2192 matches found
CVE-2014-5457
QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use world-readable permissions for /etc/config/shadow, which allows local users to obtain usernames and hashed passwords by reading the password...
CVE-2015-8222
The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via unspecified vectors...
CVE-2010-2470
Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when usesuexec is enabled, uses world-readable permissions within 1 .bzr/ and 2 data/webdot/, which allows local users to obtain potentially sensitive data by reading files in these directories, a different vulnerability...
CVE-2005-2212
Backup Manager 0.5.8a creates an archive repository with world readable and writable permissions, which allows attackers to modify or read the repository...
CVE-1999-0408
Files created from interactive shell sessions in Cobalt RaQ microservers e.g. .bashhistory are world readable, and thus are accessible from the web server...
Security update for brltty
This update for brltty fixes the following issues: Avoid having brlapi.key temporarily world-readable during creation bsc1235438. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
SUSE-SU-2025:1583-1 Security update for brltty
This update for brltty fixes the following issues: - Avoid having brlapi.key temporarily world-readable during creation bsc1235438...
Security update for brltty
This update for brltty fixes the following issues: Avoid having brlapi.key temporarily world-readable during creation bsc1235438. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
SUSE-SU-2025:1582-1 Security update for brltty
This update for brltty fixes the following issues: - Avoid having brlapi.key temporarily world-readable during creation bsc1235438...
Security update for brltty
This update for brltty fixes the following issues: Avoid having brlapi.key temporarily world-readable during creation bsc1235438. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
SUSE-SU-2025:1579-1 Security update for brltty
This update for brltty fixes the following issues: - Avoid having brlapi.key temporarily world-readable during creation bsc1235438...
PT-2025-23182 · Suse · Brltty
This update for brltty fixes the following issues: - Avoid having brlapi.key temporarily world-readable during creation bsc1235438...
PT-2025-23184 · Suse · Brltty
This update for brltty fixes the following issues: - Avoid having brlapi.key temporarily world-readable during creation bsc1235438...
PT-2025-23183 · Opensuse +1 · Brltty
Name of the Vulnerable Software and Affected Versions: brltty affected versions not specified Description: The brltty software contained an issue where the brlapi.key file was temporarily world-readable during creation. This could potentially allow unauthorized access to the key file...
rpm-ostree: world-readable /etc/shadow file
A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication da...
OESA-2025-1469 cobbler security update
Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...
OESA-2025-1468 cobbler security update
Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...
PT-2025-15636 · Dnn · Dnn
Name of the Vulnerable Software and Affected Versions: DNN formerly DotNetNuke versions prior to 9.13.8 Description: The algorithm used to generate the captcha image in DNN formerly DotNetNuke shows the least complexity of the desired image, making it easily readable by OCR tools. This allows an...
OESA-2025-1323 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...
CVE-2025-27926
In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files web.config containing passwords that are readable by unauthorized users...