Vulnerabilities > Files or Directories Accessible to External Parties
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-18 | CVE-2022-44583 | Files or Directories Accessible to External Parties vulnerability in Watchtowerhq Watchtower Unauth. | 7.5 |
| 2022-11-10 | CVE-2022-45129 | Files or Directories Accessible to External Parties vulnerability in Payara Payara before 2022-11-04, when deployed to the root context, allows attackers to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422. | 7.5 |
| 2022-11-03 | CVE-2022-41710 | Files or Directories Accessible to External Parties vulnerability in Markdownify Project Markdownify 1.4.1 Markdownify version 1.4.1 allows an external attacker to remotely obtain arbitrary local files on any client that attempts to view a malicious markdown file through Markdownify. | 5.5 |
| 2022-11-03 | CVE-2022-43449 | Files or Directories Accessible to External Parties vulnerability in Openharmony 3.1/3.1.1/3.1.2 OpenHarmony-v3.1.2 and prior versions had an Arbitrary file read vulnerability via download_server. | 5.5 |
| 2022-11-01 | CVE-2022-23738 | Files or Directories Accessible to External Parties vulnerability in Github Enterprise Server An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository. | 5.7 |
| 2022-10-28 | CVE-2022-37424 | Files or Directories Accessible to External Parties vulnerability in Opennebula Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery. | 6.5 |
| 2022-10-17 | CVE-2022-2834 | Files or Directories Accessible to External Parties vulnerability in Helpful Project Helpful The Helpful WordPress plugin before 4.5.26 puts the exported logs and feedbacks in a publicly accessible location and guessable names, which could allow attackers to download them and retrieve sensitive information such as IP, Names and Email Address depending on the plugin's settings | 5.3 |
| 2022-10-14 | CVE-2022-42234 | Files or Directories Accessible to External Parties vulnerability in Ucms Project Ucms 1.6 There is a file inclusion vulnerability in the template management module in UCMS 1.6 | 8.8 |
| 2022-09-29 | CVE-2022-40126 | Files or Directories Accessible to External Parties vulnerability in Clash Project Clash 0.19.9 A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated. | 7.8 |
| 2022-09-28 | CVE-2022-3287 | Files or Directories Accessible to External Parties vulnerability in Fwupd When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file. | 6.5 |