Total
277 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1256 | 1 Cisco | 1 Firepower Threat Defense | 2023-11-07 | 3.6 LOW | 6.0 MEDIUM |
| A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause system instability if important system files are overwritten. This vulnerability is due to insufficient validation of user input for the file path in a specific CLI command. An attacker could exploit this vulnerability by logging in to a targeted device and issuing a specific CLI command with crafted user input. A successful exploit could allow the attacker to overwrite arbitrary files on the file system of the affected device. The attacker would need valid user credentials on the device. | |||||
| CVE-2020-25636 | 1 Redhat | 1 Ansible | 2023-11-07 | 3.6 LOW | 7.1 HIGH |
| A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly the service availability. | |||||
| CVE-2020-15175 | 1 Glpi-project | 1 Glpi | 2023-11-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| In GLPI before version 9.5.2, the `pluginimage.send.php` endpoint allows a user to specify an image from a plugin. The parameters can be maliciously crafted to instead delete the .htaccess file for the files directory. Any user becomes able to read all the files and folders contained in “/files/”. Some of the sensitive information that is compromised are the user sessions, logs, and more. An attacker would be able to get the Administrators session token and use that to authenticate. The issue is patched in version 9.5.2. | |||||
| CVE-2020-13953 | 1 Apache | 1 Tapestry | 2023-11-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run. | |||||
| CVE-2020-11976 | 1 Apache | 2 Fortress, Wicket | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. This would allow an attacker to see possibly sensitive information inside a HTML template that is usually removed during rendering. Affected are Apache Wicket versions 7.16.0, 8.8.0 and 9.0.0-M5 | |||||
| CVE-2019-3622 | 2 Mcafee, Microsoft | 2 Data Loss Prevention Endpoint, Windows | 2023-11-07 | 4.6 MEDIUM | 8.2 HIGH |
| Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows authenticated user to redirect DLPe log files to arbitrary locations via incorrect access control applied to the DLPe log folder allowing privileged users to create symbolic links. | |||||
| CVE-2017-6922 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2023-11-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Drupal core 8.x prior to 8.3.4 and Drupal core 7.x prior to 7.56; Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visible to the anonymous user that uploaded them, rather than all anonymous users. Drupal core did not previously provide this protection, allowing an access bypass vulnerability to occur. This issue is mitigated by the fact that in order to be affected, the site must allow anonymous users to upload files into a private file system. | |||||
| CVE-2023-45160 | 1 1e | 1 Client | 2023-11-02 | N/A | 8.8 HIGH |
| In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. by replacing a resource script file created by an instruction at run time with a malicious script. The 1E Client's temporary directory is now locked down in the released patch. Resolution: This has been fixed in patch Q23094 This issue has also been fixed in the Mac Client in updated versions of Non-Windows release v8.1.2.62 - please re-download from the 1E Support site. Customers with Mac Client versions higher than v8.1 will need to upgrade to v23.11 to remediate this vulnerability. | |||||
| CVE-2023-33517 | 1 Carrental Project | 1 Carrental | 2023-10-31 | N/A | 7.5 HIGH |
| carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end System). | |||||
| CVE-2023-26580 | 1 Idattend | 1 Idweb | 2023-10-28 | N/A | 7.5 HIGH |
| Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the retrieval of any file present on the web server by unauthenticated attackers. | |||||
| CVE-2021-1512 | 1 Cisco | 23 Catalyst Sd-wan Manager, Sd-wan Vbond Orchestrator, Sd-wan Vmanage and 20 more | 2023-10-16 | 3.6 LOW | 6.0 MEDIUM |
| A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system. | |||||
| CVE-2023-5101 | 1 Sick | 2 Apu0200, Apu0200 Firmware | 2023-10-11 | N/A | 5.3 MEDIUM |
| Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged remote attacker to download various files from the server via HTTP requests. | |||||
| CVE-2023-23365 | 1 Qnap | 1 Music Station | 2023-10-10 | N/A | 6.5 MEDIUM |
| A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later | |||||
| CVE-2023-23366 | 1 Qnap | 1 Music Station | 2023-10-10 | N/A | 6.5 MEDIUM |
| A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later | |||||
| CVE-2023-43856 | 1 Dreamer Cms Project | 1 Dreamer Cms | 2023-09-28 | N/A | 7.5 HIGH |
| Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the component /admin/TemplateController.java. | |||||
| CVE-2023-3712 | 1 Honeywell | 2 Pm43, Pm43 Firmware | 2023-09-19 | N/A | 7.8 HIGH |
| Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006). | |||||
| CVE-2022-28462 | 1 Xxyopen | 1 Novel-plus | 2023-09-13 | 5.0 MEDIUM | 7.5 HIGH |
| novel-plus 3.6.0 suffers from an Arbitrary file reading vulnerability. | |||||
| CVE-2023-4588 | 1 Delinea | 1 Secret Server | 2023-09-11 | N/A | 4.9 MEDIUM |
| File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application's webroot directory, changing the default backup directory to the wwwroot folder, and download it with some configuration files such as encryption.config/ and database.config stored in the wwwroot directory, exposing the database credentials in plain text. | |||||
| CVE-2023-41717 | 1 Zscaler | 1 Zscaler Proxy | 2023-09-07 | N/A | 5.5 MEDIUM |
| Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local attackers to bypass file download/upload restrictions. | |||||
| CVE-2023-4475 | 1 Asustor | 1 Data Master | 2023-08-28 | N/A | 5.5 MEDIUM |
| An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master (ADM) allows an attacker to exploit the file renaming feature to move files to unintended directories. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below. | |||||