CVE-2011-0244

WebKit in Apple Safari before 5.0.6 allows user-assisted remote attackers to read arbitrary files via vectors related to improper canonicalization of URLs within RSS feeds...

CVE-2020-7648

All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users who have access to Snyk's internal network by appending the URL with a fragment identifier and a whitelisted path e.g. package.json...

CVE-2020-7653

All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users with access to Snyk's internal network by creating symlinks to match whitelisted paths...

CVE-2020-7914

In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3...

CVE-2020-7650

All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. It allows arbitrary file reads to users with access to Snyk's internal network of any files ending in the following extensions: yaml, yml or json...

CVE-2020-10086

GitLab 10.4 through 12.8.1 allows Directory Traversal. A particular endpoint was vulnerable to a directory traversal vulnerability, leading to arbitrary file read...

CVE-2020-10578

An arbitrary file read vulnerability exists in system/controller/backend/template.php in QCMS v3.0.1...

CVE-2020-24137

Directory traversal vulnerability in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the path parameter to wex/cssjs.php...

CVE-2024-34245

An arbitrary file read vulnerability in DedeCMS v5.7.114 allows authenticated attackers to read arbitrary files by specifying any path in makehtmljsaction.php...

CVE-2024-39036

SeaCMS v12.9 is vulnerable to Arbitrary File Read via adminsafe.php...

CVE-2024-39150

vditor v.3.9.8 and before is vulnerable to Arbitrary file read via a crafted data packet...

CVE-2024-39178

MyPower vc8100 V100R001C00B030 was discovered to contain an arbitrary file read vulnerability via the component /tcpdump/tcpdump.php?menuuuid...

CVE-2023-49863

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the downloadURLwebpimage parameter...

CVE-2023-49864

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the downloadURLimage parameter...

CVE-2023-45593

A CWE-184 “Incomplete List of Disallowed Inputs” vulnerability in the embedded Chromium browser concerning the handling of alternative URLs, other than “ http://localhost” allows a physical attacker to read arbitrary files on the file system, alter the configuration of the embedded browser, and...

CVE-2025-40584

A vulnerability has been identified in SIMOTION SCOUT TIA V5.4 All versions, SIMOTION SCOUT TIA V5.5 All versions, SIMOTION SCOUT TIA V5.6 All versions V5.6 SP1 HF7, SIMOTION SCOUT TIA V5.7 All versions V5.7 SP1 HF1, SIMOTION SCOUT V5.4 All versions, SIMOTION SCOUT V5.5 All versions, SIMOTION SCO...

CVE-2022-38088

A directory traversal vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2022-26067

An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger this...

CVE-2017-18712

Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D7800 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR4300v2 before 1.0.0.48, and WNDR4500v3 before 1.0.0....

CVE-2017-18769

Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX6200v2 before 1.0.1.50,...