Vulnerabilities > Files or Directories Accessible to External Parties
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-13 | CVE-2023-29450 | Files or Directories Accessible to External Parties vulnerability in Zabbix JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data. | 7.5 |
2023-07-05 | CVE-2023-2538 | Files or Directories Accessible to External Parties vulnerability in Tyan products A CWE-552 "Files or Directories Accessible to External Parties” in the web interface of the Tyan S5552 BMC version 3.00 allows an unauthenticated remote attacker to retrieve the private key of the TLS certificate in use by the BMC via forced browsing. | 4.2 |
2023-06-16 | CVE-2023-34645 | Files or Directories Accessible to External Parties vulnerability in Jflyfox Jfinal CMS 5.1.0 jfinal CMS 5.1.0 has an arbitrary file read vulnerability. | 7.5 |
2023-06-14 | CVE-2023-2976 | Files or Directories Accessible to External Parties vulnerability in Google Guava Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows. | 7.1 |
2023-06-13 | CVE-2023-33568 | Files or Directories Accessible to External Parties vulnerability in Dolibarr Erp/Crm An issue in Dolibarr 16 before 16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact file exists. | 7.5 |
2023-05-30 | CVE-2023-32684 | Files or Directories Accessible to External Parties vulnerability in Linuxfoundation Lima Lima launches Linux virtual machines, typically on macOS, for running containerd. | 2.5 |
2023-05-18 | CVE-2022-45450 | Files or Directories Accessible to External Parties vulnerability in Acronis Agent and Cyber Protect Sensitive information disclosure and manipulation due to improper authorization. | 7.5 |
2023-05-18 | CVE-2023-20183 | Files or Directories Accessible to External Parties vulnerability in Cisco DNA Center Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. | 4.3 |
2023-05-18 | CVE-2023-20184 | Files or Directories Accessible to External Parties vulnerability in Cisco DNA Center Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. | 4.3 |
2023-03-28 | CVE-2023-28375 | Files or Directories Accessible to External Parties vulnerability in Propumpservice Osprey Pump Controller Firmware 1.01 Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated file disclosure. | 7.5 |