15 matches found
CVE-2026-22915
An attacker with low privileges may be able to read files from specific directories on the device, potentially exposing sensitive information...
CVE-2026-22915
An attacker with low privileges may be able to read files from specific directories on the device, potentially exposing sensitive information...
CVE-2026-22915
An attacker with low privileges may be able to read files from specific directories on the device, potentially exposing sensitive information...
CVE-2026-22915
CVE-2026-22915 is described across multiple feeds as a low-privilege read-disclosure affecting unspecified directory paths on the device. Public documents consistently state attacker cannot escalate privileges beyond low level and no active exploits are reported in PSIRT/SICK sources. Red Hat and...
CVE-2026-22915
An attacker with low privileges may be able to read files from specific directories on the device, potentially exposing sensitive information...
EUVD-2026-2814
An attacker with low privileges may be able to read files from specific directories on the device, potentially exposing sensitive information...
CVE-2026-22915
An attacker with low privileges may be able to read files from specific directories on the device, potentially exposing sensitive information...
PT-2026-2996
Name of the Vulnerable Software and Affected Versions versions prior to 2026-22915 Description An attacker with limited access rights could potentially read files from designated directories on a device, which may lead to the disclosure of confidential data. Approximately zero devices are estimat...
EZVIZ Studio Security Vulnerability
EZVIZ Studio is an application from the Chinese company Fluorite EZVIZ. It is used to manage your camera on a personal computer. A security vulnerability exists in EZVIZ Studio version v2.2.0, which originates from a DLL hijacking that can be performed by planting a malicious TcApi.dll in certain...
CVE-2023-20195
Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of...
modDetective - Tool That Chronologizes Files Based On Modification Time In Order To Investigate Recent System Activity
modDetective is a small Python tool that chronologizes files based on modification time in order to investigate recent system activity. This can be used in CTF's in order to pinpoint where escalation and attack vectors may exist. To see the tool in its most useful form, try running the command as...
Mozilla: Temporary files downloaded to /tmp and accessible by other local users
The Mozilla Foundation Security Advisory describes this flaw as: Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in /tmp, but this behavior was changed to download them to /tmp where they could be affected by other local users. This behavior...
Arbitrary File Write
rasa is vulnerable to arbitrary file write. A malicious user is able to cause arbitrary file writes within specific directories via a trained model which contains a crafted model.tar.gz file...
CVE-2018-10027
ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious .DLL file and installing it in a specific directory: %PROGRAMFILES%\ESTsoft\ALZip\Formats, %PROGRAMFILES%\ESTsoft\ALZip\Coders, %PROGRAMFILESX86%\ESTsoft\ALZip\Formats, or...
CVE-2011-1072
The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the 1 downloaddir, 2 cachedir, 3 tmpdir, and 4 pear-build-download directories, a different vulnerability than CVE-2007-2519...