Vulnerabilities > Files or Directories Accessible to External Parties
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-30 | CVE-2021-35203 | Files or Directories Accessible to External Parties vulnerability in Netscout Ngeniusone 6.3.0 NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint. | 5.7 |
| 2021-09-29 | CVE-2021-41573 | Files or Directories Accessible to External Parties vulnerability in Hitachi Content Platform Anywhere 4.4.5/4.5.0 Hitachi Content Platform Anywhere (HCP-AW) 4.4.5 and later allows information disclosure. | 6.5 |
| 2021-09-23 | CVE-2021-22015 | Files or Directories Accessible to External Parties vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. | 7.8 |
| 2021-09-20 | CVE-2021-25741 | Files or Directories Accessible to External Parties vulnerability in Kubernetes A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem. | 8.1 |
| 2021-09-15 | CVE-2020-35340 | Files or Directories Accessible to External Parties vulnerability in Expertpdf A local file inclusion vulnerability in ExpertPDF 9.5.0 through 14.1.0 allows attackers to read the file contents from files that the running ExpertPDF process has access to read. | 7.5 |
| 2021-09-09 | CVE-2021-32833 | Files or Directories Accessible to External Parties vulnerability in Emby Emby.Releases Emby Server is a personal media server with apps on many devices. | 8.6 |
| 2021-09-02 | CVE-2021-34765 | Files or Directories Accessible to External Parties vulnerability in Cisco Nexus Insights A vulnerability in the web UI for Cisco Nexus Insights could allow an authenticated, remote attacker to view and download files related to the web application. | 4.3 |
| 2021-08-31 | CVE-2021-36233 | Files or Directories Accessible to External Parties vulnerability in Unit4 Mik.Starlight 7.9.5.24363 The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an authenticated attacker to read arbitrary files from the filesystem by specifying the file path. | 6.5 |
| 2021-08-31 | CVE-2021-39316 | Files or Directories Accessible to External Parties vulnerability in Digitalzoomstudio Zoomsounds The Zoomsounds plugin <= 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the `dzsap_download` action using directory traversal in the `link` parameter. | 7.5 |
| 2021-08-20 | CVE-2020-25351 | Files or Directories Accessible to External Parties vulnerability in Rconfig 3.9.5 An information disclosure vulnerability in rConfig 3.9.5 has been fixed for version 3.9.6. | 6.5 |