Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-552
Total 193 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-3476 1 Cisco 1 Ios 2020-09-30 3.6 LOW 6.0 MEDIUM
A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. The vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of any arbitrary file that resides on the underlying host file system.
CVE-2018-0106 1 Cisco 1 Elastic Services Controller 2020-09-04 2.1 LOW 3.3 LOW
A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local attacker to access sensitive information on a targeted system. The vulnerability is due to insufficient security restrictions. An attacker could exploit this vulnerability by accessing unauthorized information within the ConfD directory and file structure. Successful exploitation could allow the attacker to view sensitive information. Cisco Bug IDs: CSCvg00221.
CVE-2019-13404 2 Microsoft, Python 2 Windows, Python 2020-08-24 9.3 HIGH 7.8 HIGH
** DISPUTED ** The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. (This also affects old 3.x releases before 3.5.) NOTE: the vendor's position is that it is the user's responsibility to ensure C:\Python27 access control or choose a different directory, because backwards compatibility requires that C:\Python27 remain the default for 2.7.x.
CVE-2019-12375 1 Ivanti 1 Landesk Management Suite 2020-08-24 4.1 MEDIUM 6.3 MEDIUM
Open directories in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to remote information disclosure and arbitrary code execution.
CVE-2020-5356 1 Dell 3 Powerprotect Data Manager, Powerprotect X400, Powerprotect X400 Firmware 2020-07-20 4.0 MEDIUM 6.5 MEDIUM
Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper authorization vulnerability. A remote authenticated malicious user may download any file from the affected PowerProtect virtual machines.
CVE-2020-4075 1 Electronjs 1 Electron 2020-07-13 2.1 LOW 7.5 HIGH
In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open. As a workaround, ensure you are calling `event.preventDefault()` on all new-window events where the `url` or `options` is not something you expect. This is fixed in versions 9.0.0-beta.21, 8.2.4 and 7.2.4.
CVE-2020-3267 1 Cisco 1 Unified Contact Center Express 2020-06-12 5.5 MEDIUM 7.1 HIGH
A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to change the availability state of any agent. The vulnerability is due to insufficient authorization enforcement on an affected system. An attacker could exploit this vulnerability by authenticating to an affected system with valid agent credentials and performing a specific API call with crafted input. A successful exploit could allow the attacker to change the availability state of an agent, potentially causing a denial of service condition.
CVE-2020-10516 1 Github 1 Github 2020-06-05 7.5 HIGH 9.8 CRITICAL
An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. This vulnerability affected all versions of GitHub Enterprise Server prior to 2.21 and was fixed in 2.20.9, 2.19.15, and 2.18.20. This vulnerability was reported via the GitHub Bug Bounty program.
CVE-2020-12743 1 Gazie Project 1 Gazie 2020-05-15 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Gazie 7.32. A successful installation does not remove or block (or in any other way prevent use of) its own file /setup/install/setup.php, meaning that anyone can request it without authentication. This file allows arbitrary PHP file inclusion via a hidden_req POST parameter.
CVE-2020-12470 1 Mono 1 Monox 2020-05-04 6.5 MEDIUM 7.2 HIGH
MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template.
CVE-2020-5289 1 Elide 1 Elide 2020-04-01 4.0 MEDIUM 6.5 MEDIUM
In Elide before 4.5.14, it is possible for an adversary to "guess and check" the value of a model field they do not have access to assuming they can read at least one other field in the model. The adversary can construct filter expressions for an inaccessible field to filter a collection. The presence or absence of models in the returned collection can be used to reconstruct the value of the inaccessible field. Resolved in Elide 4.5.14 and greater.
CVE-2020-5250 1 Prestashop 1 Prestashop 2020-03-05 4.9 MEDIUM 6.3 MEDIUM
In PrestaShop before version 1.7.6.4, when a customer edits their address, they can freely change the id_address in the form, and thus steal someone else's address. It is the same with CustomerForm, you are able to change the id_customer and change all information of all accounts. The problem is patched in version 1.7.6.4.
CVE-2015-4715 1 Owncloud 1 Owncloud 2020-02-28 4.0 MEDIUM 4.9 MEDIUM
The fetch function in OAuth/Curl.php in Dropbox-PHP, as used in ownCloud Server before 6.0.8, 7.x before 7.0.6, and 8.x before 8.0.4 when an external Dropbox storage has been mounted, allows remote administrators of Dropbox.com to read arbitrary files via an @ (at sign) character in unspecified POST values.
CVE-2019-17112 1 Zohocorp 1 Manageengine Datasecurity Plus 2019-11-20 4.0 MEDIUM 4.3 MEDIUM
An issue was discovered in Zoho ManageEngine DataSecurity Plus before 5.0.1 5012. An exposed service allows a basic user ("Operator" access level) to access the configuration file of the mail server (except for the password).
CVE-2019-17221 1 Phantomjs 1 Phantomjs 2019-11-08 5.0 MEDIUM 7.5 HIGH
PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HTML file, as user input, that allows reading arbitrary files on the filesystem. For example, if page.render() is the function callback, this generates a PDF or an image of the targeted file. NOTE: this product is no longer developed.
CVE-2019-0381 1 Sap 3 Dynamic Tier, Sap Iq, Sql Anywhere 2019-10-15 2.1 LOW 5.5 MEDIUM
A binary planting in SAP SQL Anywhere, before version 17.0, SAP IQ, before version 16.1, and SAP Dynamic Tier, before versions 1.0 and 2.0, can result in the inadvertent access of files located in directories outside of the paths specified by the user.
CVE-2019-17130 1 Vbulletin 1 Vbulletin 2019-10-10 6.4 MEDIUM 6.5 MEDIUM
vBulletin through 5.5.4 mishandles external URLs within the /core/vb/vurl.php file and the /core/vb/vurl directories.
CVE-2017-6922 2 Debian, Drupal 2 Debian Linux, Drupal 2019-10-09 4.0 MEDIUM 6.5 MEDIUM
In Drupal core 8.x prior to 8.3.4 and Drupal core 7.x prior to 7.56; Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visible to the anonymous user that uploaded them, rather than all anonymous users. Drupal core did not previously provide this protection, allowing an access bypass vulnerability to occur. This issue is mitigated by the fact that in order to be affected, the site must allow anonymous users to upload files into a private file system.
CVE-2017-1602 1 Ibm 7 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 4 more 2019-10-09 4.0 MEDIUM 4.3 MEDIUM
IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625.
CVE-2018-5112 2 Canonical, Mozilla 2 Ubuntu Linux, Firefox 2019-10-02 5.0 MEDIUM 7.5 HIGH
Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to access, including potentially privileged pages. This vulnerability affects Firefox < 58.