37 matches found
Astra Linux – Vulnerability in PackageKit
PackageKit provided detailed error messages to unprivileged callers who were exposed to information about the presence of files and their mimetypes. This information was difficult for those callers to determine on their own...
Unity Linux 20.1060e / 20.1070e Security Update: PackageKit (UTSA-2026-016629)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016629 advisory. PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable ...
CVE-2019-7483
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server...
The vulnerability of the Manager component in the Wowza Streaming Engine server software allows a hacker to gain access and delete directories.
The vulnerability of the Manager component in the Wowza Streaming Engine server software is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain access and delete directories, provided that the target...
Sensitive Information Disclosure
github.com/ollama/ollama is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the CreateModel route reflecting "File does not exist" error messages when given a non-existent file path, allowing attackers to confirm file presence on the server...
PyDrive2's unsafe YAML deserialization in LoadSettingsFile allows arbitrary code execution
Summary Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, or if it is loaded in via LoadSettingsFile. Details The loader being imported from the yaml library is...
SUSE CVE-2020-16121
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...
Micro Focus NetIQ Identity Manager 安全漏洞
Micro Focus NetIQ Identity Manager is a suite of identity management solutions from Micro Focus UK. The solution provides the foundation for account provisioning, user self-service, authorization and Web services, and supports data sharing and synchronization. A security vulnerability exists in...
Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. An attacker who successfully exploited this vulnerability could allow the attacker to test for the presence of files on disk...
SWHKD has unspecified vulnerabilities
SWHKD is a hotkey daemon made with Rust that is independent of the display protocol. SWHKD has security vulnerabilities that can be exploited by attackers to perform arbitrary file presence tests with the -c option...
SonicWall SMA100 Directory Traversal Vulnerability
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server...
OESA-2021-1381 PackageKit security update
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API. Security Fixes: PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of...
CVE-2020-16121
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...
DEBIAN-CVE-2020-16121
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...
Information disclosure
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...
CVE-2020-15703 aptdaemon allows unprivileged users to test for the presence of local files via the transaction Locale property
There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an...
UBUNTU-CVE-2020-16121
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...
CVE-2019-7483
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server...
CVE-2019-7483
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server...
CVE-2019-7483
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server...