132 matches found
PYSEC-2023-136
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read fil...
CVE-2022-36328 Path Traversal Vulnerability leading to an arbitrary file read in Western Digital devices
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could allow an attacker to create arbitrary shares on arbitrary directories and exfiltrate sensitive files, passwords, users and device configurations was discovered in Western Digital My Cloud Home, M...
Node.js: fs.openAsBlob() bypasses permission system
The fs.openAsBlob method in Node.js, when used with the --experimental-permission flag, allowed bypassing the permission system and reading files without the required permissions...
The vulnerability of the ClamAV antivirus program lies in the improper restriction of recursive references to objects in the DTDS, which allows a hacker to gain access to confidential information.
The vulnerability in the ClamAV scanning library relates to the possibility of replacing the XML payload, which may lead to the insertion of an external payload. Exploiting this vulnerability allows a malicious actor to send specially created XML code to the antivirus software and to read bytes...
PT-2023-20030 · Swig +1 · Swig +1
Name of the Vulnerable Software and Affected Versions: swig-templates versions 2.0.4 and earlier swig versions 1.4.2 and earlier Description: A directory traversal issue allows attackers to read arbitrary files via the include or extends tags. This can be exploited by attackers to access sensitiv...
LavaLite 路径遍历漏洞
LavaLite is an open source lightweight content management system CMS. A path traversal vulnerability exists in LavaLite version 9.0.0, which stems from the vulnerability of its SRF-TOKEN cookie to path traversal attacks, allowing read access to arbitrary files on the server...
Information leakage vulnerability of multiple Siemens products
Siemens Desigo PX is a building automation control system from Siemens, a German company. The information disclosure vulnerability in several Siemens products stems from the fact that the endpoint of the "Operation" web application that interprets and executes Axon language queries allows file re...
CVE-2022-40177
A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...
CVE-2022-40177
A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...
CVE-2022-40177
CVE-2022-40177 affects Siemens Desigo PXM devices (PXM30-1/30.E/40-1/40.E/50-1/50.E; PXG3.W100-1/2; PXG3.W200-1/2) where the Operation web application Axon interface can read device files with root privileges. The root cause is improper file-system access control via Axon queries, enabling a remo...
GHSA-9W4F-3V37-6F75 ceph-deploy allows local users to obtain sensitive information by reading the file
ceph-deploy before 1.5.23 uses weak permissions 644 for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...
GHSA-JPR7-8RXM-4VGX Tryton allow authenticated users with certain permissions to read arbitrary files via the name parameter
fileopen in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors...
GHSA-XXJJ-JHGC-R68F Alkacon OpenCMS Absolute Path Traversal via pathname in filePath.0 parameter
Absolute path traversal vulnerability in system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp in Alkacon OpenCms 7.0.3 and 7.0.4 allows remote authenticated administrators to read arbitrary files via a full pathname in the filePath.0 parameter...
CVE-2021-22571 Information Leak in SA360-webquery-bigquery through read on /tmp
A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above...
CVE-2022-25249
When connecting to a certain port Axeda agent All versions and Axeda Desktop Server for Windows All versions disregarding Axeda agent v6.9.2 and v6.9.3 is vulnerable to directory traversal, which could allow a remote unauthenticated attacker to obtain file system read access via web server...
CVE-2021-22870 Path traversal in GitHub Enterprise Server hosted Pages leads to unauthorized file read access
A path traversal vulnerability was identified in GitHub Pages builds on GitHub Enterprise Server that could allow an attacker to read system files. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. Th...
CVE-2021-34700
A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. This vulnerability exists because access to sensitive information on an affected system is not sufficient...
CVE-2020-17519
A change introduced in Apache Flink 1.11.0 and released in 1.11.1 and 1.11.2 as well allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users shou...
PT-2020-15252 · Uftpd · Uftpd
Name of the Vulnerable Software and Affected Versions: uftpd FTP server versions 2.7 to 2.10 Description: The issue arises from improper implementation of a chroot jail in the compose abspath function in common.c, leading to multiple unauthenticated directory traversal vulnerabilities in differen...
EAP: XXE issue in TransformerFactory
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed...