Total
277 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36763 | 1 Codesys | 7 Control, Control Rte, Control Runtime System Toolkit and 4 more | 2021-08-17 | 5.0 MEDIUM | 7.5 HIGH |
| In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties. | |||||
| CVE-2021-32752 | 1 Ethercreative | 1 Logs | 2021-07-22 | 4.0 MEDIUM | 4.9 MEDIUM |
| Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. A vulnerability was found in versions prior to 3.0.4 that allowed authenticated admin users to access any file on the server. The vulnerability has been fixed in version 3.0.4. As a workaround, one may disable the plugin if untrustworthy sources have admin access. | |||||
| CVE-2019-19843 | 1 Ruckuswireless | 17 C110, E510, H320 and 14 more | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache. | |||||
| CVE-2019-20529 | 1 Frappe | 1 Frappe | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| In core/doctype/prepared_report/prepared_report.py in Frappe 11 and 12, data files generated with Prepared Report were being stored as public files (no authentication is required to access; having a link is sufficient) instead of private files. | |||||
| CVE-2019-19018 | 1 Titanhq | 1 Webtitan | 2021-07-21 | 4.0 MEDIUM | 2.7 LOW |
| An issue was discovered in TitanHQ WebTitan before 5.18. It exposes a database configuration file under /include/dbconfig.ini in the web administration interface, revealing what database the web application is using. | |||||
| CVE-2019-7306 | 2 Byobu, Canonical | 2 Byobu, Ubuntu Linux | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu | |||||
| CVE-2020-35658 | 1 Titanhq | 1 Spamtitan | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| SpamTitan before 7.09 allows attackers to tamper with backups, because backups are not encrypted. | |||||
| CVE-2019-20593 | 1 Google | 1 Android | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Gallery leaks Private Mode thumbnails. The Samsung ID is SVE-2019-14208 (July 2019). | |||||
| CVE-2020-10105 | 1 Zammad | 1 Zammad | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Zammad 3.0 through 3.2. It returns source code of static resources when submitting an OPTIONS request, rather than a GET request. Disclosure of source code allows for an attacker to formulate more precise attacks. Source code was disclosed for the file 404.html (/zammad/public/404.html) | |||||
| CVE-2019-4398 | 1 Ibm | 2 Cloud Orchestrator, Cloud Orchestrator Enterprise | 2021-07-21 | 2.1 LOW | 3.3 LOW |
| IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 could allow a local user to obtain sensitive information from SessionManagement cookies. IBM X-Force ID: 162259. | |||||
| CVE-2015-1350 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2021-07-15 | 2.1 LOW | 5.5 MEDIUM |
| The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program. | |||||
| CVE-2021-33359 | 1 Sensepost | 1 Gowitness | 2021-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability exists in gowitness < 2.3.6 that allows an unauthenticated attacker to perform an arbitrary file read using the file:// scheme in the url parameter to get an image of any file. | |||||
| CVE-2021-20253 | 1 Redhat | 1 Ansible Tower | 2021-06-02 | 3.5 LOW | 6.7 MEDIUM |
| A flaw was found in ansible-tower. The default installation is vulnerable to Job Isolation escape allowing an attacker to elevate the privilege from a low privileged user to the awx user from outside the isolated environment. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2021-20182 | 1 Redhat | 1 Openshift Container Platform | 2021-05-21 | 6.5 MEDIUM | 8.8 HIGH |
| A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlying node, such as the network and storage devices, to at least escalate their privileges to that of the cluster admin. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2021-21429 | 1 Openapi-generator | 1 Openapi Generator | 2021-05-07 | 2.1 LOW | 3.3 LOW |
| OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. OpenAPI Generator maven plug-in creates insecure temporary files during the process. The issue has been patched with `Files.createTempFile` and released in the v5.1.0 stable version. | |||||
| CVE-2021-24154 | 1 Themeeditor | 1 Theme Editor | 2021-04-19 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Theme Editor WordPress plugin before 2.6 did not validate the GET file parameter before passing it to the download_file() function, allowing administrators to download arbitrary files on the web server, such as /etc/passwd | |||||
| CVE-2021-21355 | 1 Typo3 | 1 Typo3 | 2021-03-26 | 7.5 HIGH | 8.6 HIGH |
| TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1, due to the lack of ensuring file extensions belong to configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions - however, default _fileDenyPattern_ successfully blocked files like _.htaccess_ or _malicious.php_. Besides that, _UploadedFileReferenceConverter_ transforming uploaded files into proper FileReference domain model objects handles possible file uploads for other extensions as well - given those extensions use the Extbase MVC framework, make use of FileReference items in their direct or inherited domain model definitions and did not implement their own type converter. In case this scenario applies, _UploadedFileReferenceConverter_ accepts any file mime-type and persists files in the default location. In any way, uploaded files are placed in the default location _/fileadmin/user_upload/_, in most scenarios keeping the submitted filename - which allows attackers to directly reference files, or even correctly guess filenames used by other individuals, disclosing this information. No authentication is required to exploit this vulnerability. This is fixed in versions 8.7.40, 9.5.25, 10.4.14, 11.1.1. | |||||
| CVE-2019-3897 | 1 Redhat | 2 Certification, Enterprise Linux | 2021-03-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| It has been discovered in redhat-certification that any unauthorized user may download any file under /var/www/rhcert, provided they know its name. Red Hat Certification 6 and 7 is vulnerable to this issue. | |||||
| CVE-2017-16651 | 2 Debian, Roundcube | 2 Debian Linux, Webmail | 2021-03-04 | 4.6 MEDIUM | 7.8 HIGH |
| Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests. | |||||
| CVE-2020-27368 | 1 Totolink | 2 A702r, A702r Firmware | 2021-01-26 | 2.1 LOW | 5.5 MEDIUM |
| Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /icons/ directories via GET Parameter. | |||||