2198 matches found

Cvelist
added 2014/06/09 7:0 p.m. · 20 views

CVE-2013-2563

Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file...

5.2 AI score · 0.00465 EPSS
Exploits 1 · References 3

NVD
added 2014/05/29 2:19 p.m. · 11 views

CVE-2014-0201

ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package rhevm-reports before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files...

2.1 CVSS · 5.7 AI score · 0.00379 EPSS
Exploits 0 · References 1

Prion
added 2014/05/29 2:19 p.m. · 16 views

Design/Logic Flaw

ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package rhevm-reports before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files...

2.1 CVSS · 6.2 AI score · 0.00379 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2014/05/29 2:0 p.m. · 20 views

CVE-2014-0201

ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package rhevm-reports before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files...

5.7 AI score · 0.00379 EPSS
Exploits 0 · References 1

Positive Technologies
added 2014/05/29 12:0 a.m. · 3 views

PT-2014-3531 · Ovirt · Ovirt Engine Reports

Name of the Vulnerable Software and Affected Versions: ovirt-engine-reports versions prior to 3.3.3 Description: The issue allows local users to obtain sensitive information by reading configuration files due to world-readable permissions. Recommendations: For versions prior to 3.3.3, update to...

2.1 CVSS · 5.7 AI score · 0.00379 EPSS
Exploits 0 · References 2

Positive Technologies
added 2014/05/29 12:0 a.m. · 3 views

PT-2014-3530 · Red Hat · Rhevm-Reports

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization Manager reports rhevm-reports versions prior to 3.3.3-1 Description: The issue allows local users to obtain sensitive information by reading a configuration file due to world-readable permissions. The file in...

2.1 CVSS · 5.7 AI score · 0.00372 EPSS
Exploits 0 · References 3

RedHat Linux
added 2014/05/28 12:1 a.m. · 3 views

JBossSX/PicketBox: World readable audit.log file

It was found that the security auditing functionality provided by PicketBox and JBossSX, both security frameworks for Java applications, used a world-readable audit.log file to record sensitive information. A local user could possibly use this flaw to gain access to the sensitive information in t...

2.1 CVSS · 5.7 AI score · 0.00347 EPSS
Exploits 0 · References 4

RedHat Linux
added 2014/05/27 11:50 p.m. · 4 views

JBossSX/PicketBox: World readable audit.log file

It was found that the security auditing functionality provided by PicketBox and JBossSX, both security frameworks for Java applications, used a world-readable audit.log file to record sensitive information. A local user could possibly use this flaw to gain access to the sensitive information in t...

2.1 CVSS · 5.7 AI score · 0.00347 EPSS
Exploits 0 · References 4

RedHat Linux
added 2014/05/27 11:49 p.m. · 6 views

JBossSX/PicketBox: World readable audit.log file

It was found that the security auditing functionality provided by PicketBox and JBossSX, both security frameworks for Java applications, used a world-readable audit.log file to record sensitive information. A local user could possibly use this flaw to gain access to the sensitive information in t...

2.1 CVSS · 5.7 AI score · 0.00347 EPSS
Exploits 0 · References 4

RedHat Linux
added 2014/05/27 4:20 p.m. · 4 views

ovirt-engine-reports: various configuration files are world-readable

ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package rhevm-reports before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files...

2.1 CVSS · 5.8 AI score · 0.00379 EPSS
Exploits 0 · References 4

RedHat Linux
added 2014/05/27 4:20 p.m. · 34 views

Low: Red Hat Security Advisory: rhevm-reports 3.3.3 security and bug fix update

An updated rhevm-reports package that fixes three security issues and one bug is now available. The Red Hat Security Response Team has rated this update as having Low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for eac...

2.1 CVSS · 5.7 AI score · 0.00379 EPSS
Exploits 0 · References 5

RedHat Linux
added 2014/05/27 4:20 p.m. · 3 views

ovirt-engine-reports: js-jboss7-ds.xml is world-readable

The Red Hat Enterprise Virtualization Manager reports rhevm-reports package before 3.3.3-1 uses world-readable permissions on the datasource configuration file js-jboss7-ds.xml, which allows local users to obtain sensitive information by reading the file...

2.1 CVSS · 5.8 AI score · 0.00372 EPSS
Exploits 0 · References 4

OSV
added 2014/05/23 2:55 p.m. · 2 views

DEBIAN-CVE-2013-4223

The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file...

5 CVSS · 6.8 AI score · 0.01335 EPSS
Exploits 0 · References 1

OSV
added 2014/05/23 2:55 p.m. · 7 views

CVE-2013-4223

The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file...

6.3 AI score
Exploits 0 · References 6

Prion
added 2014/05/23 2:55 p.m. · 16 views

Authentication flaw

The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file...

5 CVSS · 6.9 AI score · 0.01335 EPSS
Exploits 0 · References 6 · Affected Software 1

Debian CVE
added 2014/05/23 2:0 p.m. · 20 views

CVE-2013-4223

The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file...

5 CVSS · 6.3 AI score · 0.01335 EPSS
Exploits 0

securityvulns
added 2014/05/15 12:0 a.m. · 31 views

ldns weak permissions

ldns-keygen can create world-readable private key file...

2.1 CVSS · 1.9 AI score · 0.00376 EPSS
Exploits 0 · References 1 · Affected Software 1

securityvulns
added 2014/05/15 12:0 a.m. · 60 views

[oss-security] CVE request: Pyplate multiple vulnerabilities

Hello list, My friend Teemu V. "requested" security audit for Pyplate. While quickly checking quality of this software I noticed following issues. This is not a full security audit as I don't have much free time. Tested version: v0.08 still beta Vendor notification: 2014-05-13 Issue 1. Installati...

0.3 AI score
Exploits 0

NVD
added 2014/05/14 7:55 p.m. · 18 views

CVE-2013-4455

Katello Installer before 0.0.18 uses world-readable permissions for /etc/pki/tls/private/katello-node.key when deploying a child Pulp node, which allows local users to obtain the private key by reading the file...

2.1 CVSS · 6.2 AI score · 0.00456 EPSS
Exploits 1 · References 2

Cvelist
added 2014/05/14 7:0 p.m. · 18 views

CVE-2013-4455

Katello Installer before 0.0.18 uses world-readable permissions for /etc/pki/tls/private/katello-node.key when deploying a child Pulp node, which allows local users to obtain the private key by reading the file...

6.2 AI score · 0.00456 EPSS
Exploits 1 · References 2