PT-2019-13867 · Mitsubishi · Me-Rtu

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Europe B.V. ME-RTU devices versions 2.02 and earlier INEA ME-RTU devices versions 3.0 and earlier Description: An issue allows an attacker to read sensitive configuration settings due to insecure permission assignment. The...

CVE-2016-9590

An information-disclosure flaw was discovered in Red Hat OpenStack Platform director's installation of Object Storage swift. During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf file with world-readable permissions...

CVE-2017-12167

It was found that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system...

PT-2019-16903 · Ibm · Ibm Websphere Extreme Scale

Name of the Vulnerable Software and Affected Versions: IBM WebSphere eXtreme Scale version 8.6 Description: The issue allows web pages to be stored locally, which can then be read by another user on the system, potentially leading to information disclosure. Recommendations: For IBM WebSphere...

The vulnerability of the config-variables.jelly component in the Jenkins Credentials Binding plugin allows a hacker to gain unauthorized access to protected information.

The vulnerability of the config-variables.jelly component in the Jenkins Credentials Binding plugin is related to the storage of passwords in a readable format. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVE-2017-18424

In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt SEC-274...

CVE-2017-18428

In cPanel before 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log processing SEC-290...

CVE-2017-18428

In cPanel before 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log processing SEC-290...

CVE-2017-18424

In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt SEC-274...

CVE-2017-18424

In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt SEC-274...

CVE-2017-18423

In cPanel before 66.0.2, domain log files become readable after log processing SEC-273...

CVE-2017-18412

cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename SEC-296...

Design/Logic Flaw

cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename SEC-296...

CVE-2017-18412

cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename SEC-296...

CVE-2017-18412

CVE-2017-18412 affects cPanel before 67.9999.103, where mishandling during an account rename allows Apache HTTP Server log files to become world-readable (information disclosure). Root cause: improper access control on log files. Impact is limited to partial confidentiality breach as described; n...

CVE-2017-18391

cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval SEC-323...

Design/Logic Flaw

cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval SEC-323...

CVE-2017-18391

cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval SEC-323...

CVE-2017-18391

CVE-2017-18391 affects cPanel prior to 68.0.15, where backup files can be read during a short window because they are world-readable (SEC-323). The root cause is improper file permissions exposing backups locally. Affected product: cPanel/WHM (before 68.0.15). Impact: disclosure of backup data; s...

CVE-2016-10819

In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd SEC-125...