1677 matches found
MiracleLinux 4 : dracut-004-336.AXS4.2 (AXSA:2014-007:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-007:01 advisory. dracut is a new, event-driven initramfs infrastructure based around udev. Security issues fixed with this release: CVE-2012-4453 dracut.sh in dracut creates...
MiracleLinux 4 : libguestfs-1.16.19-1.0.1.AXS4 (AXSA:2012-585:02)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-585:02 advisory. Libguestfs is a library for accessing and modifying guest disk images. Amongst the things this is good for: making batch configuration changes to guests,...
Astra Linux – Vulnerability in libvirt
A flaw was discovered in libvirt. External inactive snapshots of shut-down virtual machines are created as being accessible to everyone on the network, allowing unprivileged users to inspect the contents of the guest operating systems. This leads to an information disclosure vulnerability...
CVE-2016-10819
In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd SEC-125...
SUSE-SU-2026:20050-1 Security update for libvirt
This update for libvirt fixes the following issues: Security issues fixed: - CVE-2025-13193: external inactive snapshots for shut-down VMs that are incorrectly created as world-readable allow unprivileged users to inspect guest OS contents bsc1253703. - CVE-2025-12748: parsing of user-provided XM...
CVE-2017-18424
In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt SEC-274...
CVE-2017-18428
In cPanel before 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log processing SEC-290...
CVE-2011-0178
The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory...
CVE-1999-0712
A vulnerability in Caldera Open Administration System COAS allows the /etc/shadow password file to be made world-readable...
CVE-2019-16061
A number of files on the NETSAS Enigma NMS server 65.0.0 and prior are granted weak world-readable and world-writable permissions, allowing any low privileged user with access to the system to read sensitive data e.g., .htpasswd and create/modify/delete content e.g., under /var/www/html/docs with...
Unity Linux 20.1070e Security Update: libvirt (UTSA-2025-993329)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993329 advisory. A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to...
OESA-2025-2894 libvirt security update
Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was found in libvirt. External inactive snapshots for shut-down VMs are...
OESA-2025-2893 libvirt security update
Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was found in libvirt. External inactive snapshots for shut-down VMs are...
[SECURITY] [DLA 4400-1] rear security update
Debian LTS Advisory DLA-4400-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert December 10, 2025 https://wiki.debian.org/LTS Package : rear Version : 2.6+dfsg-1+deb11u1 CVE ID : CVE-2024-23301 Debian Bug : 1060747 It has been discovered that Relax-and-Recover aka...
Debian dla-4400 : rear - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4400 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4400-1 [email protected] https://www.debian.org/lts/security/...
OPENSUSE-SU-2025:20100-1 Security update for libvirt
This update for libvirt fixes the following issues: - CVE-2025-13193: Fixed Information disclosure via world-readable VM snapshots bsc1253703 - CVE-2025-12748: Fixed Denial of service in XML parsing bsc1253278 Other fixes: - spec: Adjust dbus dependency bsc1253642 - qemu: Add support for Intel TD...
Libvirt: information disclosure via world-readable vm snapshots
...
CVE-2025-64996
In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mkinotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin's output and manipulate it, potentially leading to unauthorized access to or modification ...
Linux Distros Unpatched Vulnerability : CVE-2025-64996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mkinotify plugin creates world-readable and writable files, allowing a...
EUVD-2025-198049
In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mkinotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin's output and manipulate it, potentially leading to unauthorized access to or modification ...