Vulnerabilities > Files or Directories Accessible to External Parties
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-22 | CVE-2017-6922 | Files or Directories Accessible to External Parties vulnerability in multiple products In Drupal core 8.x prior to 8.3.4 and Drupal core 7.x prior to 7.56; Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visible to the anonymous user that uploaded them, rather than all anonymous users. | 6.5 |
2018-09-12 | CVE-2018-16946 | Files or Directories Accessible to External Parties vulnerability in LG products LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken access control. | 7.5 |
2018-06-11 | CVE-2018-5112 | Files or Directories Accessible to External Parties vulnerability in multiple products Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. | 7.5 |
2018-03-23 | CVE-2017-1602 | Files or Directories Accessible to External Parties vulnerability in IBM products IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. | 4.3 |
2018-01-18 | CVE-2018-0106 | Files or Directories Accessible to External Parties vulnerability in Cisco Elastic Services Controller A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local attacker to access sensitive information on a targeted system. | 3.3 |
2017-11-09 | CVE-2017-16651 | Files or Directories Accessible to External Parties vulnerability in multiple products Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. | 7.8 |
2017-10-23 | CVE-2017-7079 | Files or Directories Accessible to External Parties vulnerability in Apple Itunes An issue was discovered in certain Apple products. | 5.5 |
2017-10-13 | CVE-2017-11829 | Files or Directories Accessible to External Parties vulnerability in Microsoft Windows 10 and Windows Server 2016 Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update Delivery Optimization does not properly enforce file share permissions. | 5.5 |
2017-09-30 | CVE-2017-14942 | Files or Directories Accessible to External Parties vulnerability in Intelbras WRN 150 Firmware 1.0.1 Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie. | 9.8 |
2017-09-28 | CVE-2017-2551 | Files or Directories Accessible to External Parties vulnerability in Inpsyde Backwpup Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows possible brute forcing of backup file for download. | 7.5 |