Total
236 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32752 | 1 Ethercreative | 1 Logs | 2023-12-10 | 4.0 MEDIUM | 4.9 MEDIUM |
| Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. A vulnerability was found in versions prior to 3.0.4 that allowed authenticated admin users to access any file on the server. The vulnerability has been fixed in version 3.0.4. As a workaround, one may disable the plugin if untrustworthy sources have admin access. | |||||
| CVE-2021-34765 | 1 Cisco | 1 Nexus Insights | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability in the web UI for Cisco Nexus Insights could allow an authenticated, remote attacker to view and download files related to the web application. The attacker requires valid device credentials. This vulnerability exists because proper role-based access control (RBAC) filters are not applied to file download actions. An attacker could exploit this vulnerability by logging in to the application and then navigating to the directory listing and download functions. A successful exploit could allow the attacker to download sensitive files that should be restricted, which could result in disclosure of sensitive information. | |||||
| CVE-2021-39316 | 1 Digitalzoomstudio | 1 Zoomsounds | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| The Zoomsounds plugin <= 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the `dzsap_download` action using directory traversal in the `link` parameter. | |||||
| CVE-2021-31831 | 1 Mcafee | 1 Database Security | 2023-12-10 | 6.5 MEDIUM | 5.5 MEDIUM |
| Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the REST API. | |||||
| CVE-2020-25351 | 1 Rconfig | 1 Rconfig | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability in rConfig 3.9.5 has been fixed for version 3.9.6. This vulnerability allowed remote authenticated attackers to read files on the system via a crafted request sent to to the /lib/crud/configcompare.crud.php script. | |||||
| CVE-2021-29024 | 1 Invoiceplane | 1 Invoiceplane | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| In InvoicePlane 1.5.11 a misconfigured web server allows unauthenticated directory listing and file download. Allowing an attacker to directory traversal and download files suppose to be private without authentication. | |||||
| CVE-2018-10867 | 1 Redhat | 1 Certification | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user. | |||||
| CVE-2021-21429 | 1 Openapi-generator | 1 Openapi Generator | 2023-12-10 | 2.1 LOW | 3.3 LOW |
| OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. OpenAPI Generator maven plug-in creates insecure temporary files during the process. The issue has been patched with `Files.createTempFile` and released in the v5.1.0 stable version. | |||||
| CVE-2020-22124 | 1 Joyplus-cms Project | 1 Joyplus-cms | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the \inc\config.php component of joyplus-cms v1.6 allows attackers to access sensitive information. | |||||
| CVE-2021-36233 | 1 Unit4 | 1 Mik.starlight | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an authenticated attacker to read arbitrary files from the filesystem by specifying the file path. | |||||
| CVE-2021-1512 | 1 Cisco | 23 Catalyst Sd-wan Manager, Sd-wan Vbond Orchestrator, Sd-wan Vmanage and 20 more | 2023-12-10 | 3.6 LOW | 6.0 MEDIUM |
| A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system. | |||||
| CVE-2021-29969 | 1 Mozilla | 1 Thunderbird | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
| If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn't ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for example the attacker could have tricked Thunderbird to show folders that didn't exist on the IMAP server. This vulnerability affects Thunderbird < 78.12. | |||||
| CVE-2020-26183 | 1 Dell | 1 Emc Networker | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability. Certain remote users with low privileges may exploit this vulnerability to perform 'nsrmmdbd' operations in an unintended manner. | |||||
| CVE-2020-1908 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2023-12-10 | 2.1 LOW | 4.6 MEDIUM |
| Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact with the WhatsApp application even after the phone was locked. | |||||
| CVE-2021-1361 | 1 Cisco | 49 Nexus 3000, Nexus 3100, Nexus 3100-z and 46 more | 2023-12-10 | 9.4 HIGH | 9.1 CRITICAL |
| A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing. | |||||
| CVE-2020-13953 | 1 Apache | 1 Tapestry | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run. | |||||
| CVE-2021-20182 | 1 Redhat | 1 Openshift Container Platform | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
| A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlying node, such as the network and storage devices, to at least escalate their privileges to that of the cluster admin. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2020-17519 | 1 Apache | 1 Flink | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master. | |||||
| CVE-2020-3476 | 1 Cisco | 1 Ios | 2023-12-10 | 3.6 LOW | 6.0 MEDIUM |
| A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. The vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of any arbitrary file that resides on the underlying host file system. | |||||
| CVE-2020-15175 | 1 Glpi-project | 1 Glpi | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| In GLPI before version 9.5.2, the `?pluginimage.send.php?` endpoint allows a user to specify an image from a plugin. The parameters can be maliciously crafted to instead delete the .htaccess file for the files directory. Any user becomes able to read all the files and folders contained in “/files/”. Some of the sensitive information that is compromised are the user sessions, logs, and more. An attacker would be able to get the Administrators session token and use that to authenticate. The issue is patched in version 9.5.2. | |||||