Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/06/24 8:45 p.m.16 views

CVE-2026-32315 motionEye: World-Readable Configuration File Exposes Admin Password Hash

motionEye mEye is an online interface for motion software, a video surveillance program with motion detection. Versions prior to 0.44.0 create the configuration file /etc/motioneye/motion.conf with 644 permissions -rw-r--r--, making it readable by any local user on the system. This file contains...

5.5CVSS0.02902EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 8:45 p.m.9 views

CVE-2026-32315

motionEye prior to 0.44.0 creates /etc/motioneye/motion.conf with 644 permissions (-rw-r--r--) and per-camera camera-.conf with identical permissions, making the admin password hash and camera credentials readable by any local user. The SHA1 admin password hash can be cracked offline to plaintext...

5.5CVSS5.8AI score0.02902EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/04/01 12:0 a.m.6 views

PT-2019-8951 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology Diskstation Manager DSM versions prior to 6.2-23739-1 Description: The issue is related to incorrect default permissions in the synouser.conf file, allowing remote authenticated users to obtain sensitive information due to the...

6.5CVSS6.4AI score0.0133EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2015/06/04 8:8 a.m.4 views

thermostat: world-readable configuration file containing credentials

It was discovered that the Thermostat web application stored database authentication credentials in a world-readable configuration file. A local user on a system running the Thermostat web application could use this flaw to access and modify monitored JVM data, or perform actions on connected JVM...

2.1CVSS5.8AI score0.00507EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2013/03/08 12:0 a.m.4 views

PT-2013-2200

Name of the Vulnerable Software and Affected Versions puppetlabs-cinder module affected versions not specified Description The issue concerns the puppetlabs-cinder module, which is used in PackStack. It allows local users to read OpenStack administrative passwords due to world-readable permission...

5.5CVSS5.8AI score0.00272EPSS
Exploits0References6
Rows per page
Query Builder