Lucene search
+L

522 matches found

RedHat Linux
RedHat Linux
added 2020/03/17 1:10 p.m.5 views

tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...

9.8CVSS7.5AI score0.9927EPSS
Exploits46References11
RedHat Linux
RedHat Linux
added 2020/03/12 5:22 p.m.4 views

undertow: AJP File Read/Inclusion Vulnerability

A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances...

9.8CVSS7.2AI score0.04837EPSS
Exploits0References7
exploitpack
exploitpack
added 2020/02/26 12:0 a.m.110 views

OpenSMTPD 6.6.3 - Arbitrary File Read

OpenSMTPD 6.6.3 - Arbitrary File Read Title: OpenSMTPD 6.6.3 - Arbitrary File Read Date: 2020-02-20 Author: qualys Vendor: https://www.opensmtpd.org/ CVE: 2020-8793 / Local information disclosure in OpenSMTPD CVE-2020-8793 Copyright C 2020 Qualys, Inc. This program is free software: you can...

4.7CVSS0.1AI score0.009EPSS
Exploits4
CVE
CVE
added 2020/02/25 4:22 p.m.161 views

CVE-2020-8793

OpenSMTPD is affected by CVE-2020-8793. OpenSMTPD versions before 6.6.4 allow local attackers to read arbitrary files due to a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c. The vulnerability enables local information disclosure w...

4.7CVSS4.7AI score0.009EPSS
Exploits4References5Affected Software1
NVD
NVD
added 2020/02/06 5:15 p.m.20 views

CVE-2020-6856

An XML External Entity XEE vulnerability exists in the JOC Cockpit component of SOS JobScheduler 1.12 and 1.13.2 allows attackers to read files from the server via an entity declaration in any of the XML documents that are used to specify the run-time settings of jobs and orders...

6.5CVSS6.4AI score0.00926EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/01/10 12:0 a.m.158 views

PHP 7.2.x < 7.2.26 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.26. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to improper handling of embedded \0 byte character a...

7.5CVSS7.4AI score0.08818EPSS
Exploits5References6
CNVD
CNVD
added 2019/11/26 12:0 a.m.2 views

ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46614)

The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/11/26 12:0 a.m.4 views

ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46613)

The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/11/26 12:0 a.m.3 views

ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46611)

The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/11/26 12:0 a.m.2 views

ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46612)

The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/11/26 12:0 a.m.3 views

ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46615)

The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...

6.8AI score
Exploits0
CVE
CVE
added 2019/11/25 1:11 p.m.49 views

CVE-2012-5535

CVE-2012-5535 concerns gnome-system-log polkit policy that allows reading arbitrary files on the system. The root cause is a polkit policy mistake that grants read access beyond intended scope. Impact: confidentiality is potentially HIGH (per CVSS-3.1), with non-trivial access possible without us...

7.5CVSS7.3AI score0.01639EPSS
Exploits1References5Affected Software1
CNVD
CNVD
added 2019/11/25 12:0 a.m.4 views

ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46633)

The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/11/25 12:0 a.m.3 views

ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46634)

The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/11/25 12:0 a.m.5 views

File Read Vulnerability in ZTE ZXR10 1800-2S

The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...

6.8AI score
Exploits0
OSV
OSV
added 2019/11/09 3:15 a.m.3 views

DEBIAN-CVE-2009-3614

liboping 1.3.2 allows users reading arbitrary files upon the local system...

3.3CVSS4.7AI score0.00347EPSS
Exploits0References1
CVE
CVE
added 2019/11/09 2:40 a.m.197 views

CVE-2009-3614

Liboping 1.3.2 is affected by CVE-2009-3614 due to an input validation error that allows reading arbitrary files on the local system. The connected documents reiterate this description but do not provide further technical details (such as affected functions, vectors, or patch versions). No exploi...

3.3CVSS4.2AI score0.00347EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/11/01 12:0 a.m.4 views

File Read Vulnerability in HadSky Light Forums

adSky Light Forum is a newborn original PHP MySQL open source system , the main goal is to achieve light , fast , simple , full , 100% original open source system , which now covers PC, mobile, IOS and Android APP and WeChat applet . HadSky Light Forum file reading vulnerability , attackers can u...

6.7AI score
Exploits0
CNVD
CNVD
added 2019/10/28 12:0 a.m.2 views

File Read Vulnerability in Huatian Power OA System

Huatian Power OA system is a collaborative office software developed by Dalian Huatian Software Co. A file read vulnerability exists in the Huatian Power OA system, which can be exploited by attackers to obtain sensitive information...

6.7AI score
Exploits0
NVD
NVD
added 2019/10/17 8:15 p.m.15 views

CVE-2019-15065

A service which is hosted on port 6998 in HiNet GPON firmware I040GWR190731 allows an attacker to execute a specific command to read arbitrary files. CVSS 3.0 Base score 9.3. CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L...

9.3CVSS9.2AI score0.01203EPSS
Exploits0References2
Rows per page
Query Builder