2198 matches found
DEBIAN-CVE-2012-0844
Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar...
CVE-2012-0844
Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar...
CVE-2016-6494
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files...
CVE-2020-1736
A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions...
Low: Red Hat Security Advisory: OpenShift Container Platform 4.2.18 ose-baremetal-installer-container and ose-cli-artifacts-container security update
An update for ose-baremetal-installer-container and ose-cli-artifacts-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a...
The vulnerability of the Junos operating system arises from an incorrect path limitation for the access-limited directory. This allows attackers to gain access to files with a “world” read permission, or to delete any files with a “world” permission.
The vulnerability of the Junos operating system exists due to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain read access to files with the "world" permission, or to delete any files...
Product update: Virtuozzo PowerPanel Update 1 Hotfix 1 (7.0.4-39)
The update for Virtuozzo PowerPanel introduces stability and usability fixes. Vulnerability id: PP-643 Attach and detach backup tasks missing or undefined in the task log. Vulnerability id: PP-642 The 'vzapi-api' package not updated on the controller when upgrading PowerPanel. Vulnerability id:...
CVE-2020-1606
A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with 'world' readable permission and delete files with 'world' writeable permission. This issue does not affect system files that can be accessed only by root user. This issu...
CVE-2012-5476
Within the RHOS Essex Preview 2012.2 of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value...
CVE-2012-5474
The file /etc/openstack-dashboard/localsettings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release python-django-horizon package before 2012.1.1 is world readable and exposes the secret key value...
DEBIAN-CVE-2012-5474
The file /etc/openstack-dashboard/localsettings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release python-django-horizon package before 2012.1.1 is world readable and exposes the secret key value...
Ansible Tower 3.5.x < 3.5.4 / 3.6.x < 3.6.2 Multiple Vulnerabilities
The version of Ansible Tower running on the remote web server is 3.5.x prior to 3.5.4 or 3.6.x prior to 3.6.2. It is, therefore, affected by multiple vulnerabilities. - An information disclosure vulnerability exists in the Sumologic and Splunk callback plugins due to Ansible not respecting the...
CVE-2019-19341
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' are left world-readable. These files include both the SECRET_KEY and the database backup. Any user with access to the Tower server, and knowledge of when a backup is run, could retrieve every...
PT-2019-15816 · Red Hat · Ansible Tower
Name of the Vulnerable Software and Affected Versions: Ansible Tower versions 3.6.x before 3.6.2 Description: A flaw was found in Ansible Tower where files in '/var/backup/tower' are left world-readable. These files include both the SECRET_KEY and the database backup. Any user with access to the...