Vulnerabilities > Files or Directories Accessible to External Parties

DATE CVE VULNERABILITY TITLE RISK
2021-02-23 CVE-2021-20182 Files or Directories Accessible to External Parties vulnerability in Redhat Openshift Container Platform
A privilege escalation flaw was found in openshift4/ose-docker-builder.
network
low complexity
redhat CWE-552
8.8
8.8
2021-01-14 CVE-2020-27368 Files or Directories Accessible to External Parties vulnerability in Totolink A702R Firmware 1.0.0B20161227.1023
Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /icons/ directories via GET Parameter.
local
low complexity
totolink CWE-552
5.5
5.5
2021-01-05 CVE-2020-17519 Files or Directories Accessible to External Parties vulnerability in Apache Flink 1.11.0/1.11.1/1.11.2
A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process.
network
low complexity
apache CWE-552
7.5
7.5
2020-11-17 CVE-2020-26549 Files or Directories Accessible to External Parties vulnerability in Aviatrix Controller 5.3.1516
An issue was discovered in Aviatrix Controller before R5.4.1290.
network
low complexity
aviatrix CWE-552
7.5
7.5
2020-11-03 CVE-2020-1908 Files or Directories Accessible to External Parties vulnerability in Whatsapp and Whatsapp Business
Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact with the WhatsApp application even after the phone was locked.
low complexity
whatsapp CWE-552
4.6
4.6
2020-10-16 CVE-2020-26183 Files or Directories Accessible to External Parties vulnerability in Dell EMC Networker
Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability.
network
low complexity
dell CWE-552
6.5
6.5
2020-10-16 CVE-2020-26182 Files or Directories Accessible to External Parties vulnerability in Dell EMC Networker
Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability.
network
low complexity
dell CWE-552
6.5
6.5
2020-10-15 CVE-2020-11642 Files or Directories Accessible to External Parties vulnerability in Br-Automation Sitemanager
The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows authenticated users to impact availability of SiteManager instances.
network
low complexity
br-automation CWE-552
6.5
6.5
2020-10-15 CVE-2020-11641 Files or Directories Accessible to External Parties vulnerability in Br-Automation Sitemanager
A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows authenticated users to read sensitive files from SiteManager instances.
network
low complexity
br-automation CWE-552
6.5
6.5
2020-10-07 CVE-2020-15175 Files or Directories Accessible to External Parties vulnerability in Glpi-Project Glpi
In GLPI before version 9.5.2, the `?pluginimage.send.php?` endpoint allows a user to specify an image from a plugin.
network
low complexity
glpi-project CWE-552
critical
 9.1
9.1