2198 matches found

OSV
added 2017/06/25 2:29 p.m. · 2 views

ALPINE-CVE-2017-9868

In Mosquitto through 1.4.12, mosquitto.db aka the persistence file is world readable, which allows local users to obtain sensitive MQTT topic information...

CVSS 5.5 · AI score 6.5 · EPSS 0.00361
Exploits: 0 · References: 1

OSV
added 2017/06/25 2:29 p.m. · 16 views

CVE-2017-9868

In Mosquitto through 1.4.12, mosquitto.db aka the persistence file is world readable, which allows local users to obtain sensitive MQTT topic information...

CVSS 5.5 · AI score 5.2
Exploits: 0 · References: 2

Debian CVE
added 2017/06/25 2:0 p.m. · 22 views

CVE-2017-9868

In Mosquitto through 1.4.12, mosquitto.db aka the persistence file is world readable, which allows local users to obtain sensitive MQTT topic information...

CVSS 5.5 · AI score 5.6 · EPSS 0.00361
Exploits: 0

AlpineLinux
added 2017/06/25 2:0 p.m. · 33 views

CVE-2017-9868

In Mosquitto through 1.4.12, mosquitto.db aka the persistence file is world readable, which allows local users to obtain sensitive MQTT topic information...

CVSS 5.5 · AI score 5.5 · EPSS 0.00361
Exploits: 0

OSV
added 2017/06/19 7:44 a.m. · 6 views

MGASA-2017-0179 Updated kodi packages fix security vulnerability

Updated Kodi package to fix world readable $HOME/.kodi directory which could potentially contain clear passwords for add-ons...

CVSS 2.1 · AI score 6.4 · EPSS 0.0037
Exploits: 0 · References: 3

RedHat Linux
added 2017/06/14 3:28 p.m. · 4 views

openstack-heat: /var/log/heat/ is world readable

An access-control flaw was found in the OpenStack Orchestration heat service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information...

CVSS 5.9 · AI score 5.7 · EPSS 0.00413
Exploits: 0 · References: 4

OSV
added 2017/06/13 4:29 p.m. · 1 views

CVE-2016-5411

/var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart Cloud Installer QCI before 1.0 GA is created world readable and contains the root password of the deployed system...

CVSS 9.8 · AI score 5.8 · EPSS 0.02276
Exploits: 0 · References: 2

NVD
added 2017/06/13 4:29 p.m. · 12 views

CVE-2016-5411

/var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart Cloud Installer QCI before 1.0 GA is created world readable and contains the root password of the deployed system...

CVSS 10 · AI score 9.7 · EPSS 0.02276
Exploits: 0 · References: 2

Cvelist
added 2017/06/13 4:0 p.m. · 16 views

CVE-2016-5411

/var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart Cloud Installer QCI before 1.0 GA is created world readable and contains the root password of the deployed system...

AI score 9.8 · EPSS 0.02276
Exploits: 0 · References: 2

OSV
added 2017/06/08 6:29 p.m. · 14 views

CVE-2016-3107

The Node certificate in Pulp before 2.8.3 contains the private key, and is stored in a world-readable file in the "/etc/pki/pulp/nodes/" directory, which allows local users to gain access to sensitive data...

CVSS 5.5 · AI score 6.5
Exploits: 0 · References: 5

Prion
added 2017/06/08 6:29 p.m. · 13 views

Design/Logic Flaw

The Node certificate in Pulp before 2.8.3 contains the private key, and is stored in a world-readable file in the "/etc/pki/pulp/nodes/" directory, which allows local users to gain access to sensitive data...

CVSS 2.1 · AI score 6.6 · EPSS 0.00201
Exploits: 0 · References: 5 · Affected Software: 1

NVD
added 2017/06/08 6:29 p.m. · 7 views

CVE-2016-3111

pulp.spec in the installation process for Pulp 2.8.3 generates the RSA key pairs used to validate messages between the pulp server and pulp consumers in a directory that is world-readable before later modifying the permissions, which might allow local users to read the generated RSA keys via...

CVSS 5.5 · AI score 5.2 · EPSS 0.00393
Exploits: 0 · References: 9

Positive Technologies
added 2017/06/08 12:0 a.m. · 4 views

PT-2017-8337 · Pulp · Pulp

Name of the Vulnerable Software and Affected Versions: Pulp versions prior to 2.8.3 Description: The issue concerns a world-readable file containing the private key for the Node certificate, stored in the "/etc/pki/pulp/nodes/" directory. This allows local users to access sensitive data,...

CVSS 5.5 · AI score 5.5 · EPSS 0.00201
Exploits: 0 · References: 8

Positive Technologies
added 2017/06/08 12:0 a.m. · 3 views

PT-2017-8340 · Pulp · Pulp

Name of the Vulnerable Software and Affected Versions: Pulp version 2.8.3 Description: The issue arises during the installation process of Pulp, where the pulp.spec generates RSA key pairs in a world-readable directory before modifying the permissions. This might allow local users to read the...

CVSS 5.5 · AI score 5.4 · EPSS 0.00393
Exploits: 0 · References: 11

Positive Technologies
added 2017/06/08 12:0 a.m. · 3 views

PT-2017-8341 · Pulp · Pulp

Name of the Vulnerable Software and Affected Versions: Pulp versions prior to 2.8.3 Description: The issue allows remote authenticated users to obtain consumer private keys and escalate privileges. This is due to the world-readable writing of consumer private keys to...

CVSS 7.5 · AI score 6.2 · EPSS 0.02193
Exploits: 0 · References: 7

Lenovo
added 2017/05/30 12:0 a.m. · 39 views

Lenovo Connect2 Ad-hoc Wifi Network Key Stored in User-readable Location - us

Lenovo Security Advisory: LEN-14398 Potential Impact: Disclosure of ad-hoc wifi network key stored in user-readable location Severity: Medium Scope of Impact: Lenovo Specific CVE Identifier: CVE-2017-3742 Summary Description: An internal assessment has identified a vulnerability in Lenovo Connect...

CVSS 2.3 · AI score 5.1 · EPSS 0.00483
Exploits: 0

Lenovo
added 2017/05/30 12:0 a.m. · 14 views

Lenovo Connect2 Ad-hoc Wifi Network Key Stored in User-readable Location - Lenovo Support US

No description provided...

AI score 5.4
Exploits: 0

Kitploit
added 2017/05/29 3:6 p.m. · 18 views

explo - Human And Machine Readable Web Vulnerability Testing Format

explo is a simple tool to describe web security issues in a human and machine readable format. By defining a request/condition workflow, explo is able to exploit security issues without the need of writing a script. This allows to share complex vulnerabilities in a simple readable and executable...

AI score 8.2
Exploits: 0 · References: 1

CNVD
added 2017/05/19 12:0 a.m. · 2 views

CA Client Automation Local Information Disclosure Vulnerability

CA Client Automation is a suite of automation and remote client management tools from CA, Inc. The OS Installation Management component is the operating system installation management component. A security vulnerability exists in the OS Installation Management component of CA Client Automation version...

CVSS 5.5 · AI score 6.7 · EPSS 0.00296
Exploits: 0 · References: 1

RedHat Linux
added 2017/05/17 12:18 p.m. · 2 views

openstack-heat: /var/log/heat/ is world readable

An access-control flaw was found in the OpenStack Orchestration heat service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information...

CVSS 5.9 · AI score 5.7 · EPSS 0.00413
Exploits: 0 · References: 4