Vulnerabilities > Files or Directories Accessible to External Parties

DATE CVE VULNERABILITY TITLE RISK
2020-10-16 CVE-2020-26183 Files or Directories Accessible to External Parties vulnerability in Dell EMC Networker
Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability.
network
low complexity
dell CWE-552
6.5
2020-10-16 CVE-2020-26182 Files or Directories Accessible to External Parties vulnerability in Dell EMC Networker
Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability.
network
low complexity
dell CWE-552
6.5
2020-10-15 CVE-2020-11642 Files or Directories Accessible to External Parties vulnerability in Br-Automation Sitemanager
The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows authenticated users to impact availability of SiteManager instances.
network
low complexity
br-automation CWE-552
6.5
2020-10-15 CVE-2020-11641 Files or Directories Accessible to External Parties vulnerability in Br-Automation Sitemanager
A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows authenticated users to read sensitive files from SiteManager instances.
network
low complexity
br-automation CWE-552
6.5
2020-10-05 CVE-2020-25636 Files or Directories Accessible to External Parties vulnerability in Redhat Ansible 2.10.1
A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers.
local
low complexity
redhat CWE-552
7.1
2020-09-30 CVE-2020-13953 Files or Directories Accessible to External Parties vulnerability in Apache Tapestry
In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run.
network
low complexity
apache CWE-552
5.3
2020-09-24 CVE-2020-3476 Files or Directories Accessible to External Parties vulnerability in Cisco IOS 16.10.1/16.9
A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system.
local
low complexity
cisco CWE-552
6.0
2020-08-26 CVE-2020-24312 Files or Directories Accessible to External Parties vulnerability in Webdesi9 File Manager
mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to the fm_backups directory with a .htaccess file.
network
low complexity
webdesi9 CWE-552
7.5
2020-08-11 CVE-2020-11976 Files or Directories Accessible to External Parties vulnerability in Apache Fortress and Wicket
By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates.
network
low complexity
apache CWE-552
7.5
2020-07-07 CVE-2020-4075 Files or Directories Accessible to External Parties vulnerability in Electronjs Electron
In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open.
network
low complexity
electronjs CWE-552
7.5