CWE:
 

Nic nie znaleziono w bazie WLB2


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2024-10-15
Waiting for details
CVE-2024-45276

Updating...
 

 
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication.

 
2024-09-26
Waiting for details
CVE-2024-7107

Updating...
 

 
Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Services CyberMath allows Collect Data from Common Resource Locations.This issue affects CyberMath: before CYBM.240816253.

 
2024-09-18
Waiting for details
CVE-2024-6878

Updating...
 

 
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations.This issue affects Panel: before v2.3.24.

 
2024-09-10
Waiting for details
CVE-2024-8655

Updating...
 

 
A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. It has been classified as problematic. This affects an unknown part of the file /web-static/. The manipulation leads to files or directories accessible. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

 
Waiting for details
CVE-2024-39581

Updating...
 

 
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files.

 
2024-08-21
Waiting for details
CVE-2023-49198

Updating...
 

 
Mysql security vulnerability in Apache SeaTunnel. Attackers can read files on the MySQL server by modifying the information in the MySQL URL allowLoadLocalInfile=true&allowUrlInLocalInfile=true&allowLoadLocalInfileInPath=/&maxAllowedPacket=655360 This issue affects Apache SeaTunnel: 1.0.0. Users are recommended to upgrade to version [1.0.1], which fixes the issue.

 
2024-08-20
Waiting for details
CVE-2024-41699

Updating...
 

 
Priority �?? CWE-552: Files or Directories Accessible to External Parties

 
2024-08-14
Waiting for details
CVE-2024-7729

Updating...
 

 
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files.

 
2024-08-13
Waiting for details
CVE-2024-3913

Updating...
 

 
An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.

 
2024-08-02
Waiting for details
CVE-2024-38876

Updating...
 

 
A vulnerability has been identified in Omnivise T3000 Application Server (All versions >= R9.2), Omnivise T3000 Domain Controller (All versions >= R9.2), Omnivise T3000 Product Data Management (PDM) (All versions >= R9.2), Omnivise T3000 Terminal Server (All versions >= R9.2), Omnivise T3000 Thin Client (All versions >= R9.2), Omnivise T3000 Whitelisting Server (All versions >= R9.2). The affected application regularly executes user modifiable code as a privileged user. This could allow a local authenticated attacker to execute arbitrary code with elevated privileges.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top