Vulnerabilities > Files or Directories Accessible to External Parties
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-26 | CVE-2018-10867 | Files or Directories Accessible to External Parties vulnerability in Redhat Certification 7.0 Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user. | 9.1 |
| 2021-05-17 | CVE-2021-29024 | Files or Directories Accessible to External Parties vulnerability in Invoiceplane 1.5.11 In InvoicePlane 1.5.11 a misconfigured web server allows unauthenticated directory listing and file download. | 7.5 |
| 2021-05-06 | CVE-2021-1512 | Files or Directories Accessible to External Parties vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. | 6.0 |
| 2021-04-29 | CVE-2021-1256 | Files or Directories Accessible to External Parties vulnerability in Cisco Firepower Threat Defense A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. | 6.0 |
| 2021-04-27 | CVE-2021-21429 | Files or Directories Accessible to External Parties vulnerability in Openapi-Generator Openapi Generator OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configuration automatically given an OpenAPI Spec. | 2.1 |
| 2021-04-05 | CVE-2021-24154 | Files or Directories Accessible to External Parties vulnerability in Themeeditor Theme Editor The Theme Editor WordPress plugin before 2.6 did not validate the GET file parameter before passing it to the download_file() function, allowing administrators to download arbitrary files on the web server, such as /etc/passwd | 4.0 |
| 2021-03-24 | CVE-2021-1434 | Files or Directories Accessible to External Parties vulnerability in Cisco IOS XE A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system. | 6.0 |
| 2021-03-23 | CVE-2021-21355 | Files or Directories Accessible to External Parties vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 7.5 |
| 2021-03-16 | CVE-2019-3897 | Files or Directories Accessible to External Parties vulnerability in Redhat Certification It has been discovered in redhat-certification that any unauthorized user may download any file under /var/www/rhcert, provided they know its name. | 5.0 |
| 2021-03-09 | CVE-2021-20253 | Files or Directories Accessible to External Parties vulnerability in Redhat Ansible Tower A flaw was found in ansible-tower. | 3.5 |