Total
6658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20790 | 1 Cisco | 1 Unified Communications Manager | 2023-11-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to access sensitive files on the underlying operating system. | |||||
| CVE-2022-0072 | 1 Litespeedtech | 1 Openlitespeed | 2023-11-07 | N/A | 5.8 MEDIUM |
| Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1 | |||||
| CVE-2021-43775 | 1 Aimstack | 1 Aim | 2023-11-07 | 5.0 MEDIUM | 8.6 HIGH |
| Aim is an open-source, self-hosted machine learning experiment tracking tool. Versions of Aim prior to 3.1.0 are vulnerable to a path traversal attack. By manipulating variables that reference files with “dot-dot-slash (../)” sequences and its variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on file system including application source code or configuration and critical system files. The vulnerability issue is resolved in Aim v3.1.0. | |||||
| CVE-2021-45452 | 2 Djangoproject, Fedoraproject | 2 Django, Fedora | 2023-11-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it. | |||||
| CVE-2021-45448 | 1 Hitachi | 1 Vantara Pentaho | 2023-11-07 | N/A | 6.5 MEDIUM |
| Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 using the Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user-supplied path to access resources that are out of bounds. The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. By using special elements such as ".." and "/" separators, attackers can escape outside of the restricted location to access files or directories that are elsewhere on the system. | |||||
| CVE-2021-41143 | 1 Openmage | 1 Magento | 2023-11-07 | N/A | 7.2 HIGH |
| OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Magento admin users with access to the customer media could execute code on the server. Versions 19.4.22 and 20.0.19 contain a patch for this issue. | |||||
| CVE-2021-40153 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2023-11-07 | 5.8 MEDIUM | 8.1 HIGH |
| squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination. | |||||
| CVE-2021-41281 | 2 Fedoraproject, Matrix | 2 Fedora, Synapse | 2023-11-07 | 4.3 MEDIUM | 7.5 HIGH |
| Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. The last 2 directories and file name of the path are chosen randomly by Synapse and cannot be controlled by an attacker, which limits the impact. Homeservers with the media repository disabled are unaffected. Homeservers with a federation whitelist are also unaffected, since Synapse will check the remote hostname, including the trailing `../`s, against the whitelist. Server administrators should upgrade to 1.47.1 or later. Server administrators using a reverse proxy could, at the expense of losing media functionality, may block the certain endpoints as a workaround. Alternatively, non-containerized deployments can be adapted to use the hardened systemd config. | |||||
| CVE-2021-3426 | 6 Debian, Fedoraproject, Netapp and 3 more | 10 Debian Linux, Fedora, Cloud Backup and 7 more | 2023-11-07 | 2.7 LOW | 5.7 MEDIUM |
| There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7. | |||||
| CVE-2021-3281 | 3 Djangoproject, Fedoraproject, Netapp | 3 Django, Fedora, Snapcenter | 2023-11-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and "startproject --template") allows directory traversal via an archive with absolute paths or relative paths with dot segments. | |||||
| CVE-2021-34711 | 1 Cisco | 32 Ip Conference Phone 7832, Ip Conference Phone 7832 Firmware, Ip Conference Phone 8832 and 29 more | 2023-11-07 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug shell command. A successful exploit could allow the attacker to read any file on the device file system. | |||||
| CVE-2021-34701 | 1 Cisco | 3 Unified Communications Manager, Unified Communications Manager Im And Presence Service, Unity Connection | 2023-11-07 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection could allow an authenticated, remote attacker to access sensitive data on an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to access sensitive files on the affected system. | |||||
| CVE-2021-34762 | 1 Cisco | 3 Firepower Management Center Virtual Appliance, Firepower Threat Defense, Sourcefire Defense Center | 2023-11-07 | 5.5 MEDIUM | 8.1 HIGH |
| A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTPS request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the device. | |||||
| CVE-2021-31800 | 2 Fedoraproject, Secureauth | 2 Fedora, Impacket | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. An attacker that connects to a running smbserver instance can list and write to arbitrary files via ../ directory traversal. This could potentially be abused to achieve arbitrary code execution by replacing /etc/shadow or an SSH authorized key. | |||||
| CVE-2021-33896 | 2 Dino, Fedoraproject | 2 Dino, Fedora | 2023-11-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path separators. | |||||
| CVE-2021-32062 | 2 Fedoraproject, Osgeo | 2 Fedora, Mapserver | 2023-11-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| MapServer before 7.0.8, 7.1.x and 7.2.x before 7.2.3, 7.3.x and 7.4.x before 7.4.5, and 7.5.x and 7.6.x before 7.6.3 does not properly enforce the MS_MAP_NO_PATH and MS_MAP_PATTERN restrictions that are intended to control the locations from which a mapfile may be loaded (with MapServer CGI). | |||||
| CVE-2021-34363 | 2 Fedoraproject, The Fuck Project | 2 Fedora, The Fuck | 2023-11-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| The thefuck (aka The Fuck) package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature. | |||||
| CVE-2021-33203 | 2 Djangoproject, Fedoraproject | 2 Django, Fedora | 2023-11-07 | 4.0 MEDIUM | 4.9 MEDIUM |
| Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories. | |||||
| CVE-2021-28658 | 3 Debian, Djangoproject, Fedoraproject | 3 Debian Linux, Django, Fedora | 2023-11-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability. | |||||
| CVE-2021-30048 | 1 Novel Boutique House-plus Project | 1 Novel Boutique House-plus | 2023-11-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory Traversal in the fileDownload function in com/java2nb/common/controller/FileController.java in Novel-plus (?????-plus) 3.5.1 allows attackers to read arbitrary files via the filePath parameter. | |||||