7 matches found
CVE-2026-29203
A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system files or directories. That can cause DoS or local privilege escalation when an authenticated cPanel user places a symlink at a user-controlled legacy Nova path...
CVE-2021-26067
Affected versions of Atlassian Bamboo allow an unauthenticated remote attacker to view a stack trace that may reveal the path for the home directory in disk and if certain files exists on the tmp directory, via a Sensitive Data Exposure vulnerability in the /chart endpoint. The affected versions...
Path traversal
Affected versions of Atlassian Bamboo allow an unauthenticated remote attacker to view a stack trace that may reveal the path for the home directory in disk and if certain files exists on the tmp directory, via a Sensitive Data Exposure vulnerability in the /chart endpoint. The affected versions...
Accessing the URL /chart?filename=<file_name> exposes sensitive information - CVE-2021-26067
Affected versions of Atlassian Bamboo allow an unauthenticated remote attacker to view a stack trace that may reveal the path for the home directory in disk and if certain files exists on the tmp directory, via a Sensitive Data Exposure vulnerability in the /chart endpoint. The affected versions...
Fedora 14 : java-1.6.0-openjdk-1.6.0.0-54.1.9.9.fc14 (2011-9523)
PR744: icedtea6-1.10.2 : patching error - PR748: Icedtea6 fails to build with Linux 3.0. - RH718164, CVE-2011-2513: Home directory path disclosure to untrusted applications Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
Fedora 15 : icedtea-web-1.0.4-1.fc15 (2011-9541)
This security fix that addresses the following issues : - RH718164: Home directory path disclosure to untrusted applications - RH718170: Java Web Start security warning dialog manipulation Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
CVE-1999-0201
A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user...