by Alyssa Portillo | Aug 13, 2019 | CVE Notifications
An issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the...
by Alyssa Portillo | Aug 13, 2019 | CVE Notifications
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
by Alyssa Portillo | Aug 13, 2019 | CVE Notifications
NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the custom NVIDIA API used in the mount system service where user data could be overridden, which may lead to code execution, denial of service, or information disclosure.
by Alyssa Portillo | Aug 13, 2019 | CVE Notifications
Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked.
by Alyssa Portillo | Aug 13, 2019 | CVE Notifications
Search Guard versions before 21.0 had an timing side channel issue when using the internal user database.
