Lucene search
K

37 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in PackageKit

PackageKit provided detailed error messages to unprivileged callers who were exposed to information about the presence of files and their mimetypes. This information was difficult for those callers to determine on their own...

3.3CVSS6AI score0.00462EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.10 views

Unity Linux 20.1060e / 20.1070e Security Update: PackageKit (UTSA-2026-016629)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016629 advisory. PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable ...

3.3CVSS5.8AI score0.00462EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/07 9:34 a.m.9 views

CVE-2019-7483

In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server...

7.5CVSS6.8AI score0.03977EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.4 views

The vulnerability of the Manager component in the Wowza Streaming Engine server software allows a hacker to gain access and delete directories.

The vulnerability of the Manager component in the Wowza Streaming Engine server software is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain access and delete directories, provided that the target...

6.8CVSS5.5AI score0.00677EPSS
Exploits0References5Affected Software1
Veracode
Veracode
added 2024/11/14 8:7 a.m.13 views

Sensitive Information Disclosure

github.com/ollama/ollama is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the CreateModel route reflecting "File does not exist" error messages when given a non-existent file path, allowing attackers to confirm file presence on the server...

7.5CVSS7AI score0.04237EPSS
Exploits2References3Affected Software1
Github Security Blog
Github Security Blog
added 2023/12/05 11:43 p.m.12 views

PyDrive2's unsafe YAML deserialization in LoadSettingsFile allows arbitrary code execution

Summary Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, or if it is loaded in via LoadSettingsFile. Details The loader being imported from the yaml library is...

7.8CVSS7.7AI score0.0051EPSS
Exploits1References7Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:55 a.m.2 views

SUSE CVE-2020-16121

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...

3.3CVSS5.6AI score0.00462EPSS
Exploits1References8
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.6 views

Micro Focus NetIQ Identity Manager 安全漏洞

Micro Focus NetIQ Identity Manager is a suite of identity management solutions from Micro Focus UK. The solution provides the foundation for account provisioning, user self-service, authorization and Web services, and supports data sharing and synchronization. A security vulnerability exists in...

5.3CVSS5.7AI score0.00462EPSS
Exploits0References2
CISA KEV Catalog
CISA KEV Catalog
added 2022/05/24 12:0 a.m.17 views

Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. An attacker who successfully exploited this vulnerability could allow the attacker to test for the presence of files on disk...

6.5CVSS1.9AI score0.3279EPSS
In wildExploits0
CNVD
CNVD
added 2022/04/18 12:0 a.m.20 views

SWHKD has unspecified vulnerabilities

SWHKD is a hotkey daemon made with Rust that is independent of the display protocol. SWHKD has security vulnerabilities that can be exploited by attackers to perform arbitrary file presence tests with the -c option...

3.3CVSS2.9AI score0.00446EPSS
Exploits1References1
CISA KEV Catalog
CISA KEV Catalog
added 2022/03/28 12:0 a.m.12 views

SonicWall SMA100 Directory Traversal Vulnerability

In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server...

7.5CVSS3.3AI score0.03977EPSS
In wildExploits0
OSV
OSV
added 2021/10/15 11:3 a.m.3 views

OESA-2021-1381 PackageKit security update

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API. Security Fixes: PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of...

3.3CVSS6.7AI score0.00462EPSS
Exploits1References2
NVD
NVD
added 2020/11/07 4:15 a.m.12 views

CVE-2020-16121

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...

3.3CVSS4AI score0.00462EPSS
Exploits1References2
OSV
OSV
added 2020/11/07 4:15 a.m.3 views

DEBIAN-CVE-2020-16121

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...

3.3CVSS4.8AI score0.00462EPSS
Exploits1References1
Prion
Prion
added 2020/11/07 4:15 a.m.15 views

Information disclosure

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...

2.1CVSS3.9AI score0.00462EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/10/31 3:45 a.m.29 views

CVE-2020-15703 aptdaemon allows unprivileged users to test for the presence of local files via the transaction Locale property

There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an...

4CVSS3.8AI score0.0048EPSS
Exploits1References2
OSV
OSV
added 2020/09/24 12:0 a.m.2 views

UBUNTU-CVE-2020-16121

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...

3.3CVSS5.8AI score0.00462EPSS
Exploits1References4
NVD
NVD
added 2019/12/19 1:15 a.m.25 views

CVE-2019-7483

In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server...

7.5CVSS7.5AI score0.03977EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2019/12/19 12:35 a.m.5 views

CVE-2019-7483

In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server...

7.5AI score0.03977EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/12/19 12:35 a.m.23 views

CVE-2019-7483

In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server...

7.5AI score0.03977EPSS
Exploits0References1
Rows per page
Query Builder