Filtered by CWE-538
Total 37 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-1406 1 Cisco 1 Unified Communications Manager 2024-11-08 4.9 Medium
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper inclusion of sensitive information in downloadable files. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to obtain hashed credentials of system users. To exploit this vulnerability an attacker would need to have valid user credentials with elevated privileges.
CVE-2022-20864 1 Cisco 240 Catalyst 3650, Catalyst 3650-12x48fd-e, Catalyst 3650-12x48fd-l and 237 more 2024-11-01 4.6 Medium
A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to read any file or reset the enable password.
CVE-2024-9671 1 Redhat 1 Red Hat 3scale Amp 2024-10-10 5.3 Medium
A vulnerability was found in 3Scale. There is no auth mechanism to see a PDF invoice of a Developer user if the URL is known. Anyone can see the invoice if the URL is known or guessed.
CVE-2023-4480 1 Php-fusion 1 Phpfusion 2024-09-26 5.5 Medium
Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write files to arbitrary locations, provided the files pass the application’s mime-type and file extension validation. 
CVE-2023-5937 2024-09-20 3.8 Low
On Windows systems, the Arc configuration files resulted to be world-readable. This can lead to information disclosure by local attackers, via exfiltration of sensitive data from configuration files.
CVE-2018-4847 1 Siemens 1 Simatic Wincc Oa Operator 2024-09-17 N/A
A vulnerability has been identified in SIMATIC WinCC OA Operator iOS App (All versions < V1.4). Insufficient protection of sensitive information (e.g. session key for accessing server) in Siemens WinCC OA Operator iOS app could allow an attacker with physical access to the mobile device to read unencrypted data from the app's directory. Siemens provides mitigations to resolve the security issue.
CVE-2021-3709 1 Canonical 2 Apport, Ubuntu Linux 2024-09-16 6.5 Medium
Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;
CVE-2018-10590 1 Advantech 4 Webaccess, Webaccess\/nms, Webaccess Dashboard and 1 more 2024-09-16 N/A
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an information exposure vulnerability through directory listing has been identified, which may allow an attacker to find important files that are not normally visible.
CVE-2017-16770 1 Synology 1 Surveillance Station 2024-09-16 N/A
File and directory information exposure vulnerability in SYNO.SurveillanceStation.PersonalSettings.Photo in Synology Surveillance Station before 8.1.2-5469 allows remote authenticated users to obtain other user's sensitive files via the filename parameter.
CVE-2022-0013 2 Microsoft, Paloaltonetworks 2 Windows, Cortex Xdr Agent 2024-09-16 5 Medium
A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2.
CVE-2019-15793 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2024-09-16 6.5 Medium
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into init_user_ns, whereas they should have been translated into the s_user_ns for the lower filesystem. This resulted in using ids other than the intended ones in the lower fs, which likely did not map into the shifts s_user_ns. A local attacker could use this to possibly bypass discretionary access control permissions.
CVE-2019-12623 1 Cisco 1 Enterprise Network Functions Virtualization Infrastructure 2024-09-16 N/A
A vulnerability in the web server functionality of Cisco Enterprise Network Functions Virtualization Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform file enumeration on an affected system. The vulnerability is due to the web server responding with different error codes for existing and non-existing files. An attacker could exploit this vulnerability by sending GET requests for different file names. A successful exploit could allow the attacker to enumerate files residing on the system.
CVE-2023-46723 1 Pajip 1 Lte-pic32-writer 2024-09-05 8.9 High
lte-pic32-writer is a writer for PIC32 devices. In versions 0.0.1 and prior, those who use `sendto.txt` are vulnerable to attackers who known the IMEI reading the sendto.txt. The sendto.txt file can contain the SNS(such as slack and zulip) URL and API key. As of time of publication, a patch is not yet available. As workarounds, avoid using `sendto.txt` or use `.htaccess` to block access to `sendto.txt`.
CVE-2024-21501 1 Redhat 3 Acm, Multicluster Engine, Openshift 2024-08-28 5.3 Medium
Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system (including project dependencies). An attacker could exploit this vulnerability to gather details about the file system structure and dependencies of the targeted server.
CVE-2024-22433 1 Dell 1 Data Protection Search 2024-08-19 8.8 High
Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.get_ldap_info in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of Confidentiality, Integrity, Protection, and remote takeover of the system. This is a high-severity vulnerability as it allows an attacker to take complete control of DP Search to affect downstream protected devices.
CVE-2016-10399 1 Sendio 1 Sendio 2024-08-06 N/A
Sendio versions before 8.2.1 were affected by a Local File Inclusion vulnerability that allowed an unauthenticated, remote attacker to read potentially sensitive system files via a specially crafted URL.
CVE-2017-9947 1 Siemens 8 Apogee Pxc, Apogee Pxc Firmware, Apogee Pxc Modular and 5 more 2024-08-05 5.3 Medium
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices.
CVE-2017-5387 1 Mozilla 1 Firefox 2024-08-05 N/A
The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the source page is loaded locally. This vulnerability affects Firefox < 51.
CVE-2018-20932 1 Cpanel 1 Cpanel 2024-08-05 N/A
cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406).
CVE-2018-16970 1 Wisetail 1 Learning Management System 2024-08-05 N/A
Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter.