522 matches found
tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability
CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...
undertow: AJP File Read/Inclusion Vulnerability
A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances...
OpenSMTPD 6.6.3 - Arbitrary File Read
OpenSMTPD 6.6.3 - Arbitrary File Read Title: OpenSMTPD 6.6.3 - Arbitrary File Read Date: 2020-02-20 Author: qualys Vendor: https://www.opensmtpd.org/ CVE: 2020-8793 / Local information disclosure in OpenSMTPD CVE-2020-8793 Copyright C 2020 Qualys, Inc. This program is free software: you can...
CVE-2020-8793
OpenSMTPD is affected by CVE-2020-8793. OpenSMTPD versions before 6.6.4 allow local attackers to read arbitrary files due to a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c. The vulnerability enables local information disclosure w...
CVE-2020-6856
An XML External Entity XEE vulnerability exists in the JOC Cockpit component of SOS JobScheduler 1.12 and 1.13.2 allows attackers to read files from the server via an entity declaration in any of the XML documents that are used to specify the run-time settings of jobs and orders...
PHP 7.2.x < 7.2.26 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.26. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to improper handling of embedded \0 byte character a...
ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46614)
The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...
ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46613)
The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...
ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46611)
The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...
ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46612)
The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...
ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46615)
The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...
CVE-2012-5535
CVE-2012-5535 concerns gnome-system-log polkit policy that allows reading arbitrary files on the system. The root cause is a polkit policy mistake that grants read access beyond intended scope. Impact: confidentiality is potentially HIGH (per CVSS-3.1), with non-trivial access possible without us...
ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46633)
The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...
ZTE ZXR10 1800-2S suffers from a file read vulnerability (CNVD-2019-46634)
The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...
File Read Vulnerability in ZTE ZXR10 1800-2S
The ZXR10 1800-2S is a router product from China's ZTE Corporation ZTE. A file read vulnerability exists in the ZTE ZXR10 1800-2S. An attacker can exploit this vulnerability to read arbitrary files...
DEBIAN-CVE-2009-3614
liboping 1.3.2 allows users reading arbitrary files upon the local system...
CVE-2009-3614
Liboping 1.3.2 is affected by CVE-2009-3614 due to an input validation error that allows reading arbitrary files on the local system. The connected documents reiterate this description but do not provide further technical details (such as affected functions, vectors, or patch versions). No exploi...
File Read Vulnerability in HadSky Light Forums
adSky Light Forum is a newborn original PHP MySQL open source system , the main goal is to achieve light , fast , simple , full , 100% original open source system , which now covers PC, mobile, IOS and Android APP and WeChat applet . HadSky Light Forum file reading vulnerability , attackers can u...
File Read Vulnerability in Huatian Power OA System
Huatian Power OA system is a collaborative office software developed by Dalian Huatian Software Co. A file read vulnerability exists in the Huatian Power OA system, which can be exploited by attackers to obtain sensitive information...
CVE-2019-15065
A service which is hosted on port 6998 in HiNet GPON firmware I040GWR190731 allows an attacker to execute a specific command to read arbitrary files. CVSS 3.0 Base score 9.3. CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L...