Vulnerabilities > Files or Directories Accessible to External Parties

DATE CVE VULNERABILITY TITLE RISK
2021-01-14 CVE-2020-27368 Files or Directories Accessible to External Parties vulnerability in Totolink A702R Firmware 1.0.0B20161227.1023
Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /icons/ directories via GET Parameter.
local
low complexity
totolink CWE-552
5.5
5.5
2021-01-05 CVE-2020-17519 Files or Directories Accessible to External Parties vulnerability in Apache Flink 1.11.0/1.11.1/1.11.2
A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process.
network
low complexity
apache CWE-552
7.5
7.5
2020-11-17 CVE-2020-26549 Files or Directories Accessible to External Parties vulnerability in Aviatrix Controller 5.3.1516
An issue was discovered in Aviatrix Controller before R5.4.1290.
network
low complexity
aviatrix CWE-552
7.5
7.5
2020-11-03 CVE-2020-1908 Files or Directories Accessible to External Parties vulnerability in Whatsapp and Whatsapp Business
Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact with the WhatsApp application even after the phone was locked.
low complexity
whatsapp CWE-552
4.6
4.6
2020-10-16 CVE-2020-26183 Files or Directories Accessible to External Parties vulnerability in Dell EMC Networker
Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability.
network
low complexity
dell CWE-552
6.5
6.5
2020-10-16 CVE-2020-26182 Files or Directories Accessible to External Parties vulnerability in Dell EMC Networker
Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability.
network
low complexity
dell CWE-552
6.5
6.5
2020-10-15 CVE-2020-11642 Files or Directories Accessible to External Parties vulnerability in Br-Automation Sitemanager
The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows authenticated users to impact availability of SiteManager instances.
network
low complexity
br-automation CWE-552
6.5
6.5
2020-10-15 CVE-2020-11641 Files or Directories Accessible to External Parties vulnerability in Br-Automation Sitemanager
A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows authenticated users to read sensitive files from SiteManager instances.
network
low complexity
br-automation CWE-552
6.5
6.5
2020-10-05 CVE-2020-25636 Files or Directories Accessible to External Parties vulnerability in Redhat Ansible 2.10.1
A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers.
local
low complexity
redhat CWE-552
7.1
7.1
2020-09-30 CVE-2020-13953 Files or Directories Accessible to External Parties vulnerability in Apache Tapestry
In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run.
network
low complexity
apache CWE-552
5.3
5.3