5 matches found
CVE-2026-25992 SiYuan has a File Read Interface Case Bypass Vulnerability
SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass restrictions using mixed-case paths and read...
CVE-2026-25992 SiYuan has a File Read Interface Case Bypass Vulnerability
SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass restrictions using mixed-case paths and read...
CVE-2020-7296
Privilege Escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface...
McAfee Web Gateway Elevation of Privilege Vulnerability (CNVD-2020-52201)
McAfee Web Gateway is a high-performance secure Web gateway with best-in-class threat protection in a unified appliance software architecture. An elevation of privilege vulnerability exists in McAfee Web Gateway versions prior to 9.2.1. The vulnerability stems from improper user interface access...
CVE-2020-7296
Privilege Escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface...