Total
6658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-1819 | 1 Cisco | 2 Evolved Programmable Network Manager, Prime Infrastructure | 2023-03-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. This vulnerability is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location. A successful exploit could allow the attacker to view application files that may contain sensitive information. | |||||
| CVE-2019-1818 | 1 Cisco | 2 Evolved Programmable Network Manager, Prime Infrastructure | 2023-03-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. This vulnerability is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location. A successful exploit could allow the attacker to view application files that may contain sensitive information. | |||||
| CVE-2018-3822 | 1 Elastic | 1 X-pack | 2023-03-24 | 7.5 HIGH | 9.8 CRITICAL |
| X-Pack Security versions 6.2.0, 6.2.1, and 6.2.2 are vulnerable to a user impersonation attack via incorrect XML canonicalization and DOM traversal. An attacker might have been able to impersonate a legitimate user if the SAML Identity Provider allows for self registration with arbitrary identifiers and the attacker can register an account which an identifier that shares a suffix with a legitimate account. Both of those conditions must be true in order to exploit this flaw. | |||||
| CVE-2023-27981 | 1 Schneider-electric | 3 Custom Reports, Igss Dashboard, Igss Data Server | 2023-03-24 | N/A | 8.8 HIGH |
| A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Custom Reports that could cause a remote code execution when a victim tries to open a malicious report. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior). | |||||
| CVE-2023-28105 | 1 Go-huge-util Project | 1 Go-huge-util | 2023-03-23 | N/A | 8.8 HIGH |
| go-used-util has commonly used utility functions for Go. Versions prior to 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use `zip.Unzip` to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fixed in version 0.0.34. There are no known workarounds. | |||||
| CVE-2023-21456 | 1 Samsung | 1 Android | 2023-03-23 | N/A | 5.5 MEDIUM |
| Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uid. | |||||
| CVE-2023-25803 | 1 Roxy-wi | 1 Roxy-wi | 2023-03-22 | N/A | 7.5 HIGH |
| Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a directory traversal vulnerability that allows the inclusion of server-side files. This issue is fixed in version 6.3.5.0. | |||||
| CVE-2012-4701 | 1 Tridium | 1 Niagara Ax | 2023-03-22 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, and consequently execute arbitrary code, by leveraging (1) valid credentials or (2) the guest feature. | |||||
| CVE-2012-4027 | 1 Tridium | 1 Niagara Ax | 2023-03-22 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Tridium Niagara AX Framework allows remote attackers to read files outside of the intended images, nav, and px folders by leveraging incorrect permissions, as demonstrated by reading the config.bog file. | |||||
| CVE-2023-27588 | 1 Hasura | 1 Graphql Engine | 2023-03-21 | N/A | 7.5 HIGH |
| Hasura is an open-source product that provides users GraphQL or REST APIs. A path traversal vulnerability has been discovered within Hasura GraphQL Engine prior to versions 1.3.4, 2.55.1, 2.20.1, and 2.21.0-beta1. Projects running on Hasura Cloud were not vulnerable. Self-hosted Hasura Projects with deployments that are publicly exposed and not protected by a WAF or other HTTP protection layer should be upgraded to version 1.3.4, 2.55.1, 2.20.1, or 2.21.0-beta1 to receive a patch. | |||||
| CVE-2023-25804 | 1 Roxy-wi | 1 Roxy-wi | 2023-03-19 | N/A | 5.3 MEDIUM |
| Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a limited path traversal vulnerability. An SSH key can be saved into an unintended location, for example the `/tmp` folder using a payload `../../../../../tmp/test111_dev`. This issue has been fixed in version 6.3.5.0. | |||||
| CVE-2023-25814 | 1 Metersphere | 1 Metersphere | 2023-03-15 | N/A | 6.5 MEDIUM |
| metersphere is an open source continuous testing platform. In versions prior to 2.7.1 a user who has permission to create a resource file through UI operations is able to append a path to their submission query which will be read by the system and displayed to the user. This allows a users of the system to read arbitrary files on the filesystem of the server so long as the server process itself has permission to read the requested files. This issue has been addressed in version 2.7.1. All users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2023-22336 | 1 Dos-osaka | 2 Rakuraku Pc Cloud Agent, Ss1 | 2023-03-13 | N/A | 9.8 CRITICAL |
| Path traversal vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to upload a specially crafted file to an arbitrary directory. As a result of exploiting this vulnerability with CVE-2023-22335 and CVE-2023-22344 vulnerabilities together, it may allow a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device. | |||||
| CVE-2022-35861 | 1 Pyenv | 1 Pyenv | 2023-03-03 | 4.6 MEDIUM | 7.8 HIGH |
| pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. An attacker can craft a Python version string in .python-version to execute shims under their control. (Shims are executables that pass a command along to a specific version of pyenv. The version string is used to construct the path to the command, and there is no validation of whether the version specified is a valid version. Thus, relative path traversal can occur.) | |||||
| CVE-2019-14418 | 1 Veritas | 1 Resiliency Platform | 2023-03-03 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine. | |||||
| CVE-2023-25579 | 1 Nextcloud | 1 Nextcloud Server | 2023-03-03 | N/A | 7.5 HIGH |
| Nextcloud server is a self hosted home cloud product. In affected versions the `OC\Files\Node\Folder::getFullPath()` function was validating and normalizing the string in the wrong order. The function is used in the `newFile()` and `newFolder()` items, which may allow to creation of paths outside of ones own space and overwriting data from other users with crafted paths. This issue has been addressed in versions 25.0.2, 24.0.8, and 23.0.12. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2023-22973 | 1 Open-emr | 1 Openemr | 2023-03-03 | N/A | 8.8 HIGH |
| A Local File Inclusion (LFI) vulnerability in interface/forms/LBF/new.php in OpenEMR < 7.0.0 allows remote authenticated users to execute code via the formname parameter. | |||||
| CVE-2023-0947 | 1 Flatpress | 1 Flatpress | 2023-03-02 | N/A | 9.8 CRITICAL |
| Path Traversal in GitHub repository flatpressblog/flatpress prior to 1.3. | |||||
| CVE-2019-10985 | 1 Advantech | 1 Webaccess | 2023-03-02 | 6.4 MEDIUM | 9.1 CRITICAL |
| In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator. | |||||
| CVE-2019-1785 | 1 Clamav | 1 Clamav | 2023-03-01 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system. | |||||