Linux Distros Unpatched Vulnerability : CVE-2025-46717

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no or very limited sudo privileges can determine...

Linux Distros Unpatched Vulnerability : CVE-2022-47952

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree,...

CVE-2025-46704

A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest that could allow for a directory traversal attack. This issue requires an authenticated attacker with at least user-level privileges. A specific parameter is not properly sanitized or normalized, potentially allowing...

CVE-2025-46704 Advantech iView Path Traversal

A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest that could allow for a directory traversal attack. This issue requires an authenticated attacker with at least user-level privileges. A specific parameter is not properly sanitized or normalized, potentially allowing...

CVE-2025-46804 Screen 5.0.0 and older versions allow file existence tests when installed setuid-root

A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0...

CVE-2025-30170

Exposure of file path, file size or file existence vulnerabilities in ASPECT provide attackers access to file system information if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through...

CVE-2024-42499

Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in FitNesse releases prior to 20241026. If this vulnerability is exploited, an attacker may be able to know whether a file exists at a specific path, and/or obtain some part of the file contents under specif...

CVE-2022-25204

Jenkins Doktor Plugin 0.4.1 and earlier implements functionality that allows agent processes to render files on the controller as Markdown or Asciidoc, and error messages allow attackers able to control agent processes to determine whether a file with a given name exists...

CVE-2022-27814

SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option...

CVE-2020-15820

In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence...

CVE-2025-46717

A flaw was found in sudo-rs. This vulnerability allows discovery of file existence via the --list command, which can reveal sensitive information...

DEBIAN-CVE-2025-46717

sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no or very limited sudo privileges can determine whether files exists in folders that they otherwise cannot access using sudo --list . Users with local access to a machine can discover the...

UBUNTU-CVE-2025-46717

sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no or very limited sudo privileges can determine whether files exists in folders that they otherwise cannot access using sudo --list . Users with local access to a machine can discover the...

Exploit for Generation of Error Message Containing Sensitive Information in Ollama

Ollama File Existence Disclosure Vulnerability CVE-2024-39719...

jenkins-plugin/script-security: Jenkins Script Security Plugin File Disclosure Vulnerability

A flaw was found in the Jenkins Script Security Plugin. This vulnerability allows attackers with Overall/Read permission to check for the existence of files on the controller file system via a method that implements form validation that does not perform a permission check...

CVE-2025-0525

In affected versions of Octopus Server the preview import feature could be leveraged to identify the existence of a target file. This could provide an adversary with information that may aid in further attacks against the server...

CVE-2025-0525

In affected versions of Octopus Server the preview import feature could be leveraged to identify the existence of a target file. This could provide an adversary with information that may aid in further attacks against the server...

CVE-2025-0525

In affected versions of Octopus Server the preview import feature could be leveraged to identify the existence of a target file. This could provide an adversary with information that may aid in further attacks against the server...

CVE-2025-0525

In affected versions of Octopus Server the preview import feature could be leveraged to identify the existence of a target file. This could provide an adversary with information that may aid in further attacks against the server...

Octopus Server 安全漏洞

Octopus Server is a deployment automation and release management tool for continuous delivery from Octopus Australia. A security vulnerability exists in Octopus Server that stems from the Preview Import feature that can be utilized to identify the presence of a target file...