Total
6658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-29395 | 1 Globalnorthstar | 1 Northstar Club Management | 2022-02-08 | 5.0 MEDIUM | 7.5 HIGH |
| Directory travesal in /northstar/filemanager/download.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to download arbitrary files, including JSP source code, across the filesystem of the host of the web application. | |||||
| CVE-2021-44977 | 1 Idreamsoft | 1 Icms | 2022-02-08 | 5.0 MEDIUM | 7.5 HIGH |
| In iCMS <=8.0.0, a directory traversal vulnerability allows an attacker to read arbitrary files. | |||||
| CVE-2021-32840 | 1 Sharpziplib Project | 1 Sharpziplib | 2022-02-07 | 7.5 HIGH | 9.8 CRITICAL |
| SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry `../evil.txt` may be extracted in the parent directory of `destFolder`. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3. | |||||
| CVE-2021-32841 | 1 Sharpziplib Project | 1 Sharpziplib | 2022-02-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it is not enforced that `destDir` ends with slash. If the `destDir` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins with the destination directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. Version 1.3.3 contains a patch for this vulnerability. | |||||
| CVE-2021-32842 | 1 Sharpziplib Project | 1 Sharpziplib | 2022-02-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.0.0 and prior to version 1.3.3, a check was added if the destination file is under a destination directory. However, it is not enforced that `_baseDirectory` ends with slash. If the _baseDirectory is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins as the destination directory one level up from the directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. Version 1.3.3 fixed this vulnerability. | |||||
| CVE-2010-3450 | 3 Apache, Canonical, Debian | 3 Openoffice, Ubuntu Linux, Debian Linux | 2022-02-07 | 9.3 HIGH | N/A |
| Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files. | |||||
| CVE-2010-3689 | 3 Apache, Canonical, Debian | 3 Openoffice, Ubuntu Linux, Debian Linux | 2022-02-07 | 6.9 MEDIUM | N/A |
| soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2021-42753 | 1 Fortinet | 1 Fortiweb | 2022-02-07 | 8.5 HIGH | 8.1 HIGH |
| An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiWeb management interface 6.4.1 and below, 6.3.15 and below, 6.2.x, 6.1.x, 6.0.x, 5.9.x and 5.8.x may allow an authenticated attacker to perform an arbitrary file and directory deletion in the device filesystem. | |||||
| CVE-2020-1904 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2022-02-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A path validation issue in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have allowed for directory traversal overwriting files when sending specially crafted docx, xlsx, and pptx files as attachments to messages. | |||||
| CVE-2022-0401 | 1 W-zip Project | 1 W-zip | 2022-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Path Traversal in NPM w-zip prior to 1.0.12. | |||||
| CVE-2022-0320 | 1 Wpdeveloper | 1 Essential Addons For Elementor | 2022-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise some template data before it them in include statements, which could allow unauthenticated attackers to perform Local File Inclusion attack and read arbitrary files on the server, this could also lead to RCE via user uploaded files or other LFI to RCE techniques. | |||||
| CVE-2021-23520 | 1 Juce | 1 Juce | 2022-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) via the ZipFile::uncompressEntry function in juce_ZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo() on a ZipFile object. | |||||
| CVE-2021-34805 | 1 Land-software | 1 Faust Iserver | 2022-02-04 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered in FAUST iServer before 9.0.019.019.7. For each URL request, it accesses the corresponding .fau file on the operating system without preventing %2e%2e%5c directory traversal. | |||||
| CVE-2022-23409 | 1 Ethercreative | 1 Logs | 2022-02-04 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Logs plugin before 3.0.4 for Craft CMS allows remote attackers to read arbitrary files via input to actionStream in Controller.php. | |||||
| CVE-2022-22932 | 1 Apache | 1 Karaf | 2022-02-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| Apache Karaf obr:* commands and run goal on the karaf-maven-plugin have partial path traversal which allows to break out of expected folder. The risk is low as obr:* commands are not very used and the entry is set by user. This has been fixed in revision: https://gitbox.apache.org/repos/asf?p=karaf.git;h=36a2bc4 https://gitbox.apache.org/repos/asf?p=karaf.git;h=52b70cf Mitigation: Apache Karaf users should upgrade to 4.2.15 or 4.3.6 or later as soon as possible, or use correct path. JIRA Tickets: https://issues.apache.org/jira/browse/KARAF-7326 | |||||
| CVE-2021-40745 | 3 Adobe, Linux, Microsoft | 3 Campaign, Linux Kernel, Windows | 2022-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Campaign version 21.2.1 (and earlier) is affected by a Path Traversal vulnerability that could lead to reading arbitrary server files. By leveraging an exposed XML file, an unauthenticated attacker can enumerate other files on the server. | |||||
| CVE-2022-22790 | 1 Synel | 1 Eharmony | 2022-02-02 | 5.0 MEDIUM | 7.5 HIGH |
| SYNEL - eharmony Directory Traversal. Directory Traversal - is an attack against a server or a Web application aimed at unauthorized access to the file system. on the "Name" parameter the attacker can return to the root directory and open the host file. The path exposes sensitive files that users upload | |||||
| CVE-2021-22022 | 1 Vmware | 3 Cloud Foundation, Vrealize Operations Manager, Vrealize Suite Lifecycle Manager | 2022-02-01 | 4.0 MEDIUM | 4.9 MEDIUM |
| The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure. | |||||
| CVE-2020-17383 | 1 Telosalliance | 2 Z\/ip One, Z\/ip One Firmware | 2022-01-28 | 10.0 HIGH | 9.8 CRITICAL |
| A directory traversal vulnerability on Telos Z/IP One devices through 4.0.0r grants an unauthenticated individual root level access to the device's file system. This can be used to identify configuration settings, password hashes for built-in accounts, and the cleartext password for remote configuration of the device through the WebUI. | |||||
| CVE-2021-23631 | 1 Convert-svg-core Project | 1 Convert-svg-core | 2022-01-27 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package convert-svg-core; all versions of package convert-svg-to-png; all versions of package convert-svg-to-jpeg. Using a specially crafted SVG file, an attacker could read arbitrary files from the file system and then show the file content as a converted PNG file. | |||||