Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2024/09/05 12:0 a.m.19 views

Debian dla-3872 : glance - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3872 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3872-1 [email protected] https://www.debian.org/lts/security/...

6.5CVSS6.8AI score0.00835EPSS
Exploits0References4
NVD
NVD
added 2021/09/30 11:15 a.m.16 views

CVE-2021-41293

ECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary files disclosure. Using the specific POST parameter, unauthenticated attackers can remotely disclose arbitrary files on the affected device and disclose sensitive and system information...

7.5CVSS0.20084EPSS
Exploits1References1
Prion
Prion
added 2021/09/30 11:15 a.m.22 views

Path traversal

ECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary files disclosure. Using the specific POST parameter, unauthenticated attackers can remotely disclose arbitrary files on the affected device and disclose sensitive and system information...

5CVSS7.5AI score0.20084EPSS
Exploits1References1
CVE
CVE
added 2021/09/30 10:40 a.m.83 views

CVE-2021-41293

The ECOA Building Automation System (BAS) controller is affected by a path traversal/arbitrary file disclosure vulnerability. Affected component/file: viewlog.jsp; attack vector is via the POST parameter fname, allowing an unauthenticated attacker to disclose arbitrary files and sensitive system ...

7.5CVSS7.5AI score0.20084EPSS
In wildExploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2021/08/16 8:15 a.m.252 views

CVE-2021-23423

This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing include, include-code or include-raw block is processed. The contents of arbitrary files could be disclosed in the HTML output...

7.5CVSS7.1AI score0.01106EPSS
Exploits1References2
Prion
Prion
added 2021/03/15 5:15 p.m.24 views

Design/Logic Flaw

A vulnerability has been identified in Solid Edge SE2020 All Versions SE2020MP13, Solid Edge SE2021 All Versions SE2021MP3. When opening a specially crafted SEECTCXML file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted...

4.3CVSS5.6AI score0.00888EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.24 views

CentOS 8 : openwsman (CESA-2019:0972)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:0972 advisory. - openwsman: Disclosure of arbitrary files outside of the registered URIs CVE-2019-3816 Note that Nessus has not tested for this issue but has instead relied on...

7.5CVSS7.7AI score0.14739EPSS
Exploits0References2
NVD
NVD
added 2019/08/06 11:15 p.m.19 views

CVE-2019-14700

An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. There is disclosure of the existence of arbitrary files via Path Traversal in HTTPD. This occurs because the filename specified in the TZ parameter is accessed with a substantial delay if that file exists...

7.5CVSS7.5AI score0.02083EPSS
Exploits0References3
OSV
OSV
added 2019/08/06 11:15 p.m.3 views

CVE-2019-14700

An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. There is disclosure of the existence of arbitrary files via Path Traversal in HTTPD. This occurs because the filename specified in the TZ parameter is accessed with a substantial delay if that file exists...

7.5CVSS7.2AI score0.02083EPSS
Exploits0References3
OwnCloud
OwnCloud
added 2016/07/13 2:0 a.m.494 views

Server: Disclosure of arbitrary certificate files

The 'Import root certificate' ability that users are able to use once filesexternal is enabled allows users to import their own root certificates for connections. e.g. server-to-server shares to servers using a self-signed certificate or external storages The functionality was using the PHP OpenS...

6.6AI score
Exploits0Affected Software1
UbuntuCve
UbuntuCve
added 2012/08/27 11:55 p.m.35 views

CVE-2012-1586

mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message...

2.1CVSS7.1AI score0.00729EPSS
Exploits0References1
exploitpack
exploitpack
added 2005/05/30 12:0 a.m.24 views

ServersCheck 5.95.10 - Directory Traversal

ServersCheck 5.95.10 - Directory Traversal source: https://www.securityfocus.com/bid/13810/info ServersCheck is affected by a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...

0.2AI score
Exploits0
Rows per page
Query Builder