105 matches found
PerkinElmer ProcessPlus <= 1.11.6507.0 - Local File Inclusion
Files on the Windows system are accessible without authentication to external parties due to a local file inclusion in PerkinElmer ProcessPlus.This issue affects ProcessPlus through 1.11.6507.0. id: CVE-2024-6911 info: name: PerkinElmer ProcessPlus = 1.11.6507.0 - Local File Inclusion author:...
Microsoft Word Information Disclosure Vulnerability
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally...
Microsoft Partner Center 安全漏洞
The Microsoft Partner Center is an online platform operated by Microsoft Corporation in the United States. There is a security vulnerability in the Microsoft Partner Center, which stems from cross-domain resource references controlled by external parties. This vulnerability could allow unauthoriz...
Files or Directories Accessible to External Parties
Overview Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties through the importStdMd import process in kernel/api/import.go. An attacker can import data from sensitive or unintended local paths and potentially access or expose local files by...
Files or Directories Accessible to External Parties
Overview mineadmin/mineadmin is a Quickly build a background management system for web applications Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties via the Swagger component. An attacker can access sensitive information by sending crafted...
Tandoor Recipes: Security Vulnerabilities
Tandoor Recipes is an open-source application designed for managing recipes, planning meals, creating shopping lists, and more. Versions of Tandoor Recipes from 23.05 to 26.05 contained security vulnerabilities. These vulnerabilities stemmed from the default configuration, where database files...
CVE-2025-11959 Improper Access Control in Premierturk's Excavation Management Information System
Files or Directories Accessible to External Parties, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Premierturk Information Technologies Inc. Excavation Management Information System allows Footprinting, Functionality Misuse. This issue affects Excavation...
EUVD-2021-23351
Malware in sbrugna...
EUVD-2025-4362
Malicious code in bioql PyPI...
EUVD-2023-2172
Malicious code in bioql PyPI...
EUVD-2024-46320
Malicious code in bioql PyPI...
EUVD-2024-54218
Malicious code in bioql PyPI...
EUVD-2022-40054
Malicious code in bioql PyPI...
EUVD-2024-37321
Malicious code in bioql PyPI...
Files or Directories Accessible to External Parties
Overview Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties due to improper restriction of file read. An attacker can obtain sensitive information by sending crafted requests to exposed resources. Note: This is only exploitable if the attacker...
Apache Kylin Files or Directories Accessible to External Parties
Files or Directories Accessible to External Parties vulnerability in Apache Kylin. You are fine as long as the Kylin's system and project admin access is well protected. This issue affects Apache Kylin: from 4.0.0 through 5.0.2. Users are recommended to upgrade to version 5.0.3, which fixes the...
The vulnerability of the Sparkle framework on the Oracle Java SE software platform arises from the ability to expose files or directories to external parties. This allows a perpetrator to bypass the signature verification mechanism and gain full control over the application.
The vulnerability of the Sparkle framework on the Oracle Java SE software platform relates to the exposure of files or directories to external parties. Exploiting this vulnerability could allow an attacker to bypass the EdDSA signature verification and gain full control over the application...
CVE-2025-30103
Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker...
Files or Directories Accessible to External Parties
Overview github.com/minio/minio/cmd is an open source object storage server compatible with Amazon S3 APIs. Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties via the function ListMultipartUploads in the file erasure-server-pool.go. An attacker...
CVE-2025-5273
All versions of the package mcp-markdownify-server are vulnerable to Files or Directories Accessible to External Parties via the get-markdown-file tool. An attacker can craft a prompt that, once accessed by the MCP host, will allow it to read arbitrary files from the host running the server...