Vulnerabilities > Files or Directories Accessible to External Parties

DATE CVE VULNERABILITY TITLE RISK
2021-02-24 CVE-2021-1361 Files or Directories Accessible to External Parties vulnerability in Cisco Nx-Os 9.3(5)/9.3(6)
A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device.
network
low complexity
cisco CWE-552
critical
 9.1
9.1
2021-02-23 CVE-2021-20182 Files or Directories Accessible to External Parties vulnerability in Redhat Openshift Container Platform
A privilege escalation flaw was found in openshift4/ose-docker-builder.
network
low complexity
redhat CWE-552
6.5
6.5
2021-01-14 CVE-2020-27368 Files or Directories Accessible to External Parties vulnerability in Totolink A702R Firmware 1.0.0B20161227.1023
Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /icons/ directories via GET Parameter.
local
low complexity
totolink CWE-552
2.1
2.1
2021-01-05 CVE-2020-17519 Files or Directories Accessible to External Parties vulnerability in Apache Flink 1.11.0/1.11.1/1.11.2
A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process.
network
low complexity
apache CWE-552
7.5
7.5
2020-11-17 CVE-2020-26549 Files or Directories Accessible to External Parties vulnerability in Aviatrix Controller 5.3.1516
An issue was discovered in Aviatrix Controller before R5.4.1290.
network
low complexity
aviatrix CWE-552
5.0
5.0
2020-11-03 CVE-2020-1908 Files or Directories Accessible to External Parties vulnerability in Whatsapp
Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact with the WhatsApp application even after the phone was locked.
local
low complexity
whatsapp CWE-552
2.1
2.1
2020-10-16 CVE-2020-26183 Files or Directories Accessible to External Parties vulnerability in Dell EMC Networker
Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability.
network
low complexity
dell CWE-552
4.0
4.0
2020-10-16 CVE-2020-26182 Files or Directories Accessible to External Parties vulnerability in Dell EMC Networker
Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability.
network
low complexity
dell CWE-552
4.0
4.0
2020-10-15 CVE-2020-11642 Files or Directories Accessible to External Parties vulnerability in Br-Automation Sitemanager
The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows authenticated users to impact availability of SiteManager instances.
network
low complexity
br-automation CWE-552
4.0
4.0
2020-10-15 CVE-2020-11641 Files or Directories Accessible to External Parties vulnerability in Br-Automation Sitemanager
A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows authenticated users to read sensitive files from SiteManager instances.
network
low complexity
br-automation CWE-552
4.0
4.0