12 matches found
CVE-2026-2331
An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...
EUVD-2026-10025
An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...
CVE-2026-2331
An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...
CVE-2026-2331
An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...
CVE-2026-2331 CVE-2026-2331
An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...
SICK Lector85x和SICK SICK Lector83x 安全漏洞
SICK Lector85x and SICK SICK Lector83x are a series of QR code image recognition readers developed by the German company SICK. Both devices have security vulnerabilities. These vulnerabilities stem from incorrect access controls. Attackers could potentially perform unauthenticated read and write...
CAS <= 1.0.0 - Unauthenticated Arbitrary File Access
Description This plugin does not validate a path generated with user input when downloading files, allowing unauthenticated user to download arbitrary files from the server https://example.com/wp-content/themes/cas/download.php?path=...
CVE-2021-39703
In updateState of UsbDeviceManager.java, there is a possible unauthorized access of files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
D-Link DIR-880L and DIR-895 L/R Buffer Overflow Vulnerability
The D-Link DIR-880L is a wireless AC1900 dual-band Gigabit cloud router.The D-Link DIR-895 L/R is an AC5300 Wi-Fi tri-band router. A buffer overflow vulnerability exists in the htdocs/fileaccess.cgi component in the D-Link DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. An attacker can exploit this...
CVE-2015-5954
The virtual filesystem in ownCloud Server before 6.0.9, 7.0.x before 7.0.7, and 8.0.x before 8.0.5 does not consider that NULL is a valid getPath return value, which allows remote authenticated users to bypass intended access restrictions and gain access to users files via a sharing link to a fil...
CVE-2014-8659
Directory traversal vulnerability in SAP Environment, Health, and Safety allows remote attackers to read arbitrary files via unspecified vectors...
LoveCMS 1.4 index.php load Parameter Traversal Arbitrary File Access
No description provided by source...