3349 matches found

CVE
added 2022/07/28 12:52 a.m. | 71 views

CVE-2022-36994

The CVE-2022-36994 issue affects Veritas NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. Description: An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server. Root cause: improper access control a...

CVSS 6.5 | AI score 6.2 | EPSS 0.00528
Exploits: 0 | References: 1 | Affected Software: 4
CVE
added 2022/07/28 12:48 a.m. | 68 views

CVE-2022-36999

Summary: CVE-2022-36999 affects Veritas NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. The issue allows an attacker with authenticated access to a NetBackup Client to remotely read files on a NetBackup Primary server under certain conditions. Root cause/detail...

CVSS 6.5 | AI score 6.2 | EPSS 0.00577
Exploits: 0 | References: 1 | Affected Software: 4
CNNVD
added 2022/07/28 12:0 a.m. | 4 views

Veritas NetBackup Security Vulnerability

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports the detection of ransomware and backup protection of environmental data such as metadata and virtual environments. A security...

CVSS 6.5 | AI score 6.5 | EPSS 0.00528
Exploits: 0 | References: 2
CNNVD
added 2022/07/28 12:0 a.m. | 4 views

Veritas NetBackup Code Issue Vulnerability

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports the detection of ransomware and backup protection of environmental data such as metadata and virtual environments. A security...

CVSS 8.8 | AI score 8 | EPSS 0.00591
Exploits: 0 | References: 2
CNVD
added 2022/07/21 12:0 a.m. | 20 views

Arbitrary File Read Vulnerability in Istar Database Auditing System

Founded in 2003, Beijing Yisetong Technology Development Co., Ltd. is a professional and comprehensive data security vendor in the field of data security. There is an arbitrary file reading vulnerability in Yisetong database auditing system, which can be exploited by an attacker to read any file ...

AI score 7.1
Exploits: 0
CNVD
added 2022/07/21 12:0 a.m. | 26 views

Moodle arbitrary file reading vulnerability

Moodle is a free and open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. Moodle suffers from an arbitrary file reading vulnerability, which stems from insufficient path checking and can be exploited by...

CVSS 7.5 | AI score 4.3 | EPSS 0.49102
Exploits: 0 | References: 1
Prion
added 2022/07/18 1:15 p.m. | 20 views

Design/Logic Flaw

Allows a remote user to read files on the camera's OS "GetFileContent.cgi". Reading arbitrary files on the camera's OS as root user...

CVSS 4 | AI score 6.5 | EPSS 0.00607
Exploits: 0 | References: 1 | Affected Software: 1
NVD
added 2022/07/17 5:15 p.m. | 10 views

CVE-2022-32320

A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file...

CVSS 8.8 | EPSS 0.00418
Exploits: 0 | References: 3
OSV
added 2022/07/17 5:15 p.m. | 17 views

CVE-2022-32320

A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file...

CVSS 8.8 | AI score 6.9
Exploits: 0 | References: 3
Prion
added 2022/07/17 5:15 p.m. | 44 views

Cross site request forgery (csrf)

A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file...

CVSS 6.8 | AI score 8.5 | EPSS 0.00418
Exploits: 0 | References: 3 | Affected Software: 2
Cvelist
added 2022/07/17 4:24 p.m. | 13 views

CVE-2022-32320

A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file...

AI score 8.8 | EPSS 0.00418
Exploits: 0 | References: 3
CVE
added 2022/07/17 4:24 p.m. | 93 views

CVE-2022-32320

CVE-2022-32320 describes a Cross-Site Request Forgery (CSRF) in Ferdi (up to 5.8.1) and Ferdium (up to 6.0.0-nightly.98) that allows an attacker to read files via an uploaded file (e.g., settings/preferences). The NVD entry lists a CVSSv3.1 base score of 8.8 (HIGH). No exploitation details are ...

CVSS 8.8 | AI score 8.5 | EPSS 0.00418
Exploits: 0 | References: 3 | Affected Software: 2
NVD
added 2022/06/06 7:15 p.m. | 21 views

CVE-2022-32275

Grafana 8.4.3 allows reading files via, for example, a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content...

CVSS 7.5 | EPSS 0.08537
Exploits: 1 | References: 6
OSV
added 2022/06/06 7:15 p.m. | 5 views

CVE-2022-32275

Grafana 8.4.3 allows reading files via, for example, a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content...

CVSS 7.5 | AI score 7.5
Exploits: 0 | References: 6
UbuntuCve
added 2022/06/06 7:15 p.m. | 48 views

CVE-2022-32275

Grafana 8.4.3 allows reading files via, for example, a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content...

CVSS 7.5 | AI score 7.1 | EPSS 0.08537
Exploits: 1 | References: 3
Vulnrichment
added 2022/06/06 6:29 p.m. | 21 views

CVE-2022-32275

Grafana 8.4.3 allows reading files via, for example, a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content...

AI score 6.7 | EPSS 0.08537
Exploits: 1 | References: 6
CVE
added 2022/06/06 6:29 p.m. | 150 views

CVE-2022-32275

Grafana 8.4.3 is listed as CVE-2022-32275 for a potential directory/traversal issue that could let an attacker read arbitrary files via crafted URLs such as /dashboard/snapshot/{...}/etc/passwd. The description notes the vendor’s position that there is no vulnerability and that the request yields...

CVSS 7.5 | AI score 7.5 | EPSS 0.08537
Exploits: 1 | References: 6 | Affected Software: 1
OSV
added 2022/05/26 12:1 a.m. | 30 views

GHSA-5824-6JFV-XR3R Arbitrary file read in ginadmin

In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading. A patch is available on the master branch of the repository...

CVSS 7.5 | AI score 7.6 | EPSS 0.0105
Exploits: 1 | References: 4
ATTACKERKB
added 2022/05/25 4:15 p.m. | 3 views

CVE-2022-30428

In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading...

CVSS 7.5 | AI score 7.2 | EPSS 0.0105
Exploits: 1 | References: 2
NVD
added 2022/05/25 4:15 p.m. | 19 views

CVE-2022-30428

In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading...

CVSS 7.5 | EPSS 0.0105
Exploits: 1 | References: 1