Total: 6050 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-48848 | 1 Ureport Project | 1 Ureport | 2023-12-04 | N/A | 7.5 HIGH |
| An arbitrary file read vulnerability in ureport v2.2.9 allows a remote attacker to arbitrarily read files on the server by inserting a crafted path. | |||||
| CVE-2022-41951 | 1 Oroinc | 1 Oroplatform | 2023-12-04 | N/A | 9.8 CRITICAL |
| OroPlatform is a PHP Business Application Platform (BAP) designed to make development of custom business applications easier and faster. Path Traversal is possible in `Oro\Bundle\GaufretteBundle\FileManager::getTemporaryFileName`. With this method, an attacker can pass the path to a non-existent file, which will allow writing the content to a new file that will be available during script execution. This vulnerability has been fixed in version 5.0.9. | |||||
| CVE-2023-32558 | 1 Nodejs | 1 Node.js | 2023-12-04 | N/A | 7.5 HIGH |
| The use of the deprecated API `process.binding()` can bypass the permission model through path traversal. This vulnerability affects all users using the experimental permission model in Node.js 20.x. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | |||||
| CVE-2022-37703 | 1 Amanda | 1 Amanda | 2023-12-03 | N/A | 3.3 LOW |
| In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking the path, letting the attacker provide an arbitrary path. | |||||
| CVE-2023-48185 | 1 Terra-mater | 1 Terra-master | 2023-12-02 | N/A | 7.5 HIGH |
| Directory Traversal vulnerability in TerraMaster v.s1.0 through v.2.295 allows a remote attacker to obtain sensitive information via a crafted GET request. | |||||
| CVE-2023-5607 | 1 Trellix | 1 Application And Change Control | 2023-12-01 | N/A | 7.2 HIGH |
| An improper limitation of a path name to a restricted directory (path traversal) vulnerability in the TACC ePO extension, for on-premises ePO servers, prior to version 8.4.0 could lead to an authorised administrator attacker executing arbitrary code through uploading a specially crafted GTI reputation file. The attacker would need the appropriate privileges to access the relevant section of the User Interface. The import logic has been updated to restrict file types and content. | |||||
| CVE-2023-47313 | 1 H-mdm | 1 Headwind Mdm | 2023-11-30 | N/A | 5.4 MEDIUM |
| Headwind MDM Web panel 5.22.1 is vulnerable to Directory Traversal. The application uses an API call to move the uploaded temporary file to the file directory during the file upload process. This API call receives two input parameters, such as path and localPath. The first one refers to the temporary file with an absolute path without validating it. Attackers may modify this API call by referring to arbitrary files. As a result, arbitrary files can be moved to the files directory and so they can be downloaded. | |||||
| CVE-2023-6118 | 1 Neutron | 34 Ipc2224-sr3-npf-36, Ipc2224-sr3-npf-36 Firmware, Ipc2624-sr3-npf-36 and 31 more | 2023-11-30 | N/A | 7.5 HIGH |
| Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal. This issue affects IP Camera: before b1130.1.0.1. | |||||
| CVE-2023-47251 | 1 M-privacy | 2 Mprivacy-tools, Tightgatevnc | 2023-11-30 | N/A | 6.5 MEDIUM |
| In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers (with access to a VNC session) to automatically transfer malicious PDF documents by moving them into the .spool directory, and then sending a signal to the VNC service, which automatically transfers them to the connected VNC client's filesystem. | |||||
| CVE-2023-47467 | 1 Jeecg | 1 Jeecg-boot | 2023-11-30 | N/A | 6.5 MEDIUM |
| Directory Traversal vulnerability in jeecg-boot v.3.6.0 allows a remote privileged attacker to obtain sensitive information via the file directory structure. | |||||
| CVE-2022-25178 | 1 Jenkins | 1 Pipeline\ | 2023-11-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the libraryResource step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system. | |||||
| CVE-2022-27203 | 1 Jenkins | 1 Extended Choice Parameter | 2023-11-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers with Item/Configure permission to read values from arbitrary JSON and Java properties files on the Jenkins controller. | |||||
| CVE-2022-23113 | 1 Jenkins | 1 Publish Over Ssh | 2023-11-30 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying whether it is present or not, resulting in a path traversal vulnerability allowing attackers with Item/Configure permission to discover the name of the Jenkins controller files. | |||||
| CVE-2022-25188 | 1 Jenkins | 1 Fortify | 2023-11-30 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker. | |||||
| CVE-2021-22151 | 1 Elastic | 1 Kibana | 2023-11-30 | N/A | 4.3 MEDIUM |
| It was discovered that Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files ending in the .pbf extension. | |||||
| CVE-2023-6209 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2023-11-30 | N/A | 6.5 MEDIUM |
| Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. | |||||
| CVE-2023-6032 | 1 Schneider-electric | 4 Galaxy Vl, Galaxy Vl Firmware, Galaxy Vs and 1 more | 2023-11-30 | N/A | 5.3 MEDIUM |
| A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause a file system enumeration and file download when an attacker navigates to the Network Management Card via HTTPS. | |||||
| CVE-2023-38879 | 1 Os4ed | 1 Opensis | 2023-11-30 | N/A | 7.5 HIGH |
| The Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to read arbitrary files via a directory traversal vulnerability in the 'filename' parameter of 'DownloadWindow.php'. | |||||
| CVE-2023-4593 | 2 Microsoft, Seattlelab | 2 Windows, Slmail | 2023-11-29 | N/A | 6.5 MEDIUM |
| Path traversal vulnerability whose exploitation could allow an authenticated remote user to bypass SecurityManager's intended restrictions and list a parent directory via any filename, such as a multiple ..%2F value affecting the 'dodoc' parameter in the /MailAdmin_dll.htm file. | |||||
| CVE-2023-6160 | 1 Lifterlms | 1 Lifterlms | 2023-11-29 | N/A | 6.7 MEDIUM |
| The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 7.4.2 via the maybe_serve_export function. This makes it possible for authenticated attackers, with administrator or LMS manager access and above, to read the contents of arbitrary CSV files on the server, which can contain sensitive information as well as removing those files from the server. | |||||
