Total
6658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-2872 | 1 Ibm | 2 Qradar Security Information And Event Manager, Security Qradar Incident Forensics | 2016-07-05 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.7 and QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to read arbitrary files via a crafted URL. | |||||
| CVE-2015-4703 | 1 Rename Project | 1 Rename | 2016-06-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| Absolute path traversal vulnerability in mysqldump_download.php in the WordPress Rename plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the dumpfname parameter. | |||||
| CVE-2016-4814 | 1 Gsi | 1 Old Gsi Maps | 2016-06-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in kml2jsonp.php in Geospatial Information Authority of Japan (aka GSI) Old_GSI_Maps before January 2015 on Windows allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2016-1192 | 1 Cybozu | 1 Garoon | 2016-06-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors. | |||||
| CVE-2016-1191 | 1 Cybozu | 1 Garoon | 2016-06-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory traversal vulnerability in the Files function in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to modify settings via unspecified vectors. | |||||
| CVE-2016-4815 | 1 Buffalo | 12 Wzr-600dhp2, Wzr-600dhp2 Firmware, Wzr-600dhp3 and 9 more | 2016-06-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2015-1807 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2016-06-15 | 3.5 LOW | N/A |
| Directory traversal vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with certain permissions to read arbitrary files via a symlink, related to building artifacts. | |||||
| CVE-2016-1231 | 3 Debian, Fedoraproject, Prosody | 3 Debian Linux, Fedora, Prosody | 2016-06-15 | 4.3 MEDIUM | 5.9 MEDIUM |
| Directory traversal vulnerability in the HTTP file-serving module (mod_http_files) in Prosody 0.9.x before 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) in an unspecified path. | |||||
| CVE-2016-1212 | 1 Futomi | 1 Mp Form Mail Cgi | 2016-06-06 | 4.0 MEDIUM | 2.7 LOW |
| Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors. | |||||
| CVE-2015-1322 | 2 Canonical, Ubuntu | 2 Ubuntu Linux, Network-manager | 2016-05-26 | 4.6 MEDIUM | N/A |
| Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) before 0.9.10.0-4ubuntu15.1, Ubuntu 14.10 before 0.9.8.8-0ubuntu28.1, and Ubuntu 14.04 LTS before 0.9.8.8-0ubuntu7.1 allows local users to change the modem device configuration or read arbitrary files via a .. (dot dot) in the file name in a request to read modem device contexts (com.canonical.NMOfono.ReadImsiContexts). | |||||
| CVE-2001-0780 | 1 Cosmicperl | 1 Directory Pro | 2016-05-25 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter. | |||||
| CVE-2016-3972 | 1 Dotcms | 1 Dotcms | 2016-04-20 | 4.0 MEDIUM | 2.7 LOW |
| Directory traversal vulnerability in the dotTailLogServlet in dotCMS before 3.5.1 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the fileName parameter. | |||||
| CVE-2015-0984 | 1 Honeywell | 8 Excel Web Xl 1000c1000 600 I\/o, Excel Web Xl 1000c1000 600 I\/o Uukl, Excel Web Xl 1000c100 104 I\/o and 5 more | 2016-04-06 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O UUKL controllers before 2.04.01 allows remote attackers to read files under the web root, and consequently obtain administrative login access, via a crafted pathname. | |||||
| CVE-2016-2289 | 1 Iconics | 1 Webhmi | 2016-04-04 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in ICONICS WebHMI 9 and earlier allows remote attackers to read configuration files, and consequently discover password hashes, via unspecified vectors. | |||||
| CVE-2013-6023 | 1 Tvt | 2 Dvr, Dvr Firmware | 2016-03-31 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. (dot dot) in the URI. | |||||
| CVE-2016-1145 | 1 Nec | 1 Expresscluster X | 2016-03-10 | 7.8 HIGH | 7.5 HIGH |
| Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER X through 3.3 11.31 on Windows and through 3.3 3.3.1-1 on Linux and Solaris allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2013-7448 | 2 Debian, Didiwiki Project | 2 Debian Linux, Didiwiki | 2016-03-10 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in wiki.c in didiwiki allows remote attackers to read arbitrary files via the page parameter to api/page/get. | |||||
| CVE-2015-8794 | 1 Roundcube | 1 Roundcube Webmail | 2016-02-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the _alt parameter, related to contact photo handling. | |||||
| CVE-2015-4988 | 1 Ibm | 1 Tealeaf Customer Experience | 2016-01-22 | 7.8 HIGH | 8.6 HIGH |
| Directory traversal vulnerability in the replay server in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2015-2007 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2016-01-07 | 4.0 MEDIUM | 5.0 MEDIUM |
| Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.5 Patch 6 allows remote authenticated users to read arbitrary files via a crafted URL. | |||||