CVE-2026-23620 GFI MailEssentials AI < 22.4 ListServer.IsDBExist() Absolute Directory Traversal to File Enumeration

GFI MailEssentials AI versions prior to 22.4 contain an arbitrary file existence enumeration vulnerability in the ListServer.IsDBExist web method exposed at /MailEssentials/pages/MailSecurity/ListServer.aspx/IsDBExist. An authenticated user can supply an unrestricted filesystem path via the JSON...

CVE-2026-23620

GFI MailEssentials AI (versions prior to 22.4) contains an information-disclosure vulnerability in ListServer.IsDBExist() at /MailEssentials/pages/MailSecurity/ListServer.aspx/IsDBExist. An authenticated user can provide an unrestricted filesystem path in the JSON key "path" (URL-decoded and pass...

SUSE CVE-2017-18876

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can test for the existence of an arbitrary file...

CVE-2022-27814

SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option...

Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon

SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option...

GHSA-X446-3XHQ-5XFP Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon

SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option...

CVE-2022-27814

SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option...

Design/Logic Flaw

SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option...

CVE-2022-27814

SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option...

CVE-2022-27814

CVE-2022-27814 relates to SWHKD 1.1.5, where the -c option allows arbitrary file-existence tests. The connected sources confirm the vulnerable component is the SWHKD daemon and the condition is a flaw in the -c flag that enables probing for file presence, implying local, low-complexity exploitati...

Security update for xawtv (moderate)

openSUSE Security Update: Security update for xawtv Announcement ID: openSUSE-SU-2020:0787-1 Rating: moderate References: 1171655 Cross-References: CVE-2020-13696 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update for...

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2014:1515-1)

rubygem-actionpack-32 was updated to fix two security issues. These security issues were fixed : - Arbitrary file existence disclosure CVE-2014-7829. - Arbitrary file existence disclosure CVE-2014-7818. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks i...

openSUSE Security Update : rubygem-sprockets-2_1 (openSUSE-SU-2014:1502-1)

rubygem-sprockets-21 was updated to fix one security issue. This security issue was fixed : - Arbitrary file existence disclosure CVE-2014-7819. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

CVE-2006-5966

Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to 1 reboot the system using the Reinicializar method in the ActiveScan.1 ActiveX control, or 2 determine arbitrary file existence and size via the ObtenerTamano method in the PAVPZ.SOS.1 ActiveX control...