CVE-2026-22876

Path Traversal vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation. If this vulnerability is exploited, arbitrary files on the affected product may be retrieved by a logged-in user with the low"monitoring user" or higher privilege...

DEBIAN-CVE-2025-68920

C-Kermit aka ckermit through 10.0 Beta.12 aka 416-beta12 before 244644d allows a remote Kermit system to overwrite files on the local system, or retrieve arbitrary files from the local system...

CVE-2025-68920

C-Kermit aka ckermit through 10.0 Beta.12 aka 416-beta12 before 244644d allows a remote Kermit system to overwrite files on the local system, or retrieve arbitrary files from the local system...

CVE-2022-30302

Multiple relative path traversal vulnerabilities CWE-23 in FortiDeceptor management interface 1.0.0 through 3.2.x, 3.3.0 through 3.3.2, 4.0.0 through 4.0.1 may allow a remote and authenticated attacker to retrieve and delete arbitrary files from the underlying filesystem via specially crafted web...

Path Traversal

org.neo4j.procedure:apoc is vulnerable to path traversal. A remote attacker is able to retrieve and download files from outside the authorized directory and under some circumstances to also create files on the affected server resulting in path traversal vulnerability...

PKI-server 安全漏洞

PKI-server is a J2EE application running on the JBoss server . It is designed to automatically encrypt/decrypt data and apply/validate digital signatures with flags. A security vulnerability exists in PKI-server, which can be exploited by a local attacker to retrieve files in order to obtain the...

Code injection

TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files...

CVE-2018-15465

A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, but unprivileged levels 0 and 1, remote attacker to perform privileged actions by using the web management interface. The vulnerability is due to improper validation of...

CVE-2018-15386

A vulnerability in Cisco Digital Network Architecture DNA Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions. The vulnerability is due to an insecure default configuration of the affected system. An...

Juniper Contrail XML External Entity Injection Vulnerability

Juniper Contrail is a suite of cloud-based security solutions from Juniper Networks, Inc. The solution provides intelligent automation, application security and reliability for cloud and NFV. An XML external entity injection vulnerability exists in the ifmap service in Juniper Contrail. A remote...

Adobe ColdFusion Information Disclosure Vulnerability (APSB13-13)

Adobe ColdFusion is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

VMSA-2011-0008 : VMware vCenter Server and vSphere Client security vulnerabilities

a. vCenter Server Directory Traversal vulnerability A directory traversal vulnerability allows an attacker to remotely retrieve files from vCenter Server without authentication. In order to exploit this vulnerability, the attacker will need to have access to the network on which the vCenter Serve...

CVE-2002-1855

Macromedia JRun 3.0 through 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...