11 matches found
EUVD-2025-13912
Malicious code in bioql PyPI...
CVE-2020-24571
NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal...
CVE-2024-45480 Unauthorized local file reading in B&R APROL
An improper control of generation of code 'Code Injection' vulnerability in the AprolCreateReport component of B&R APROL 4.4-00P5 may allow an unauthenticated network-based attacker to read files from the local system...
CVE-2024-49360 Path traversal in Sandboxie
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. An authenticated user UserA with no privileges is authorized to read all files created in sandbox belonging to other users in the sandbox folders C:\Sandbox\UserB\xxx. An authenticated attack...
PT-2023-1153 · Ge · Proficy Historian
Name of the Vulnerable Software and Affected Versions: GE Proficy Historian affected versions not specified Description: The issue is related to insufficient access control, which could allow an unauthorized user to read any file on the system, potentially exposing sensitive information. An...
GHSA-R9X7-2XMR-V8FW mangadex-downloader vulnerable to unauthorized file reading
Impact When using file: command and is web URL location http, https. mangadex-downloader will try to open and read a file in local disk if the content from online file is exist-as-a-file in victim computer So far, the app only read the files and not execute it. But still, when someone reading you...
mangadex-downloader vulnerable to unauthorized file reading
Impact When using file: command and is web URL location http, https. mangadex-downloader will try to open and read a file in local disk if the content from online file is exist-as-a-file in victim computer So far, the app only read the files and not execute it. But still, when someone reading you...
CVE-2022-36082 mangadex-downloader vulnerable to unauthorized file reading
mangadex-downloader is a command-line tool to download manga from MangaDex. When using file: command and is a web URL location http, https, mangadex-downloader between versions 1.3.0 and 1.7.2 will try to open and read a file in local disk for each line of website contents. Version 1.7.2 contains...
CVE-2022-36082 mangadex-downloader vulnerable to unauthorized file reading
mangadex-downloader is a command-line tool to download manga from MangaDex. When using file: command and is a web URL location http, https, mangadex-downloader between versions 1.3.0 and 1.7.2 will try to open and read a file in local disk for each line of website contents. Version 1.7.2 contains...
Fedora Core 6 : xen-3.0.3-8.fc6 (2007-343)
A flaw was found affecting the VNC server code in QEMU. On a fully virtualized guest VM, where qemu monitor mode is enabled, a user who had access to the VNC server could gain the ability to read arbitrary files as root in the host filesystem. CVE-2007-0998 Note that Tenable Network Security has...
Generation Terrorists Designs & Concepts Sojourn 2.0 - File Access
source: https://www.securityfocus.com/bid/1052/info Any file that the webserver has read access to can be read on a server running the Sojourn search engine. The Sojourn software includes the ability to organize a website into categories. These categories can then be accessed via the sojourn.cgi...