Search
Total
1401 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-5221 | 1 Troglobit | 1 Uftpd | 2020-01-30 | 6.4 MEDIUM | 7.2 HIGH |
| In uftpd before 2.11, it is possible for an unauthenticated user to perform a directory traversal attack using multiple different FTP commands and read and write to arbitrary locations on the filesystem due to the lack of a well-written chroot jail in compose_abspath(). This has been fixed in version 2.11 | |||||
| CVE-2019-19893 | 1 Ixpdata | 1 Easyinstall | 2020-01-29 | 7.8 HIGH | 7.5 HIGH |
| In IXP EasyInstall 6.2.13723, there is Directory Traversal on TCP port 8000 via the Engine Service by an unauthenticated attacker, who can access the server's filesystem with the access rights of NT AUTHORITY\SYSTEM. | |||||
| CVE-2013-2474 | 1 Aws-dms | 1 Aws Xms | 2020-01-29 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the 'what' parameter. | |||||
| CVE-2014-8742 | 1 Lexmark | 1 Markvision Enterprise | 2020-01-29 | 7.8 HIGH | 7.5 HIGH |
| Directory traversal vulnerability in the ReportDownloadServlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2013-6056 | 1 Alienvault | 1 Open Source Security Information Management | 2020-01-29 | 7.8 HIGH | 7.5 HIGH |
| OSSIM before 4.3.3.1 has tele_compress.php path traversal vulnerability | |||||
| CVE-2019-14767 | 1 Dimo-crm | 1 Yellowbox Crm | 2020-01-28 | 5.0 MEDIUM | 7.5 HIGH |
| In DIMO YellowBox CRM before 6.3.4, Path Traversal in images/Apparence (dossier=../) and servletrecuperefichier (document=../) allows an unauthenticated user to download arbitrary files from the server. | |||||
| CVE-2020-1606 | 1 Juniper | 24 Junos, Qfx5110, Qfx5200 and 21 more | 2020-01-24 | 6.5 MEDIUM | 8.1 HIGH |
| A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with 'world' readable permission and delete files with 'world' writeable permission. This issue does not affect system files that can be accessed only by root user. This issue affects Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S13; 12.3X48 versions prior to 12.3X48-D85 on SRX Series; 14.1X53 versions prior to 14.1X53-D51; 15.1F6 versions prior to 15.1F6-S13; 15.1 versions prior to 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110 Series; 16.1 versions prior to 16.1R4-S13, 16.1R7-S5; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R3-S2; 17.3 versions prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2-S3, 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S4, 19.1R2. | |||||
| CVE-2020-7211 | 3 Libslirp Project, Microsoft, Qemu | 3 Libslirp, Windows, Qemu | 2020-01-23 | 5.0 MEDIUM | 7.5 HIGH |
| tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows. | |||||
| CVE-2019-19834 | 1 Ruckuswireless | 17 C110, E510, H320 and 14 more | 2020-01-23 | 6.5 MEDIUM | 7.2 HIGH |
| Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter. | |||||
| CVE-2016-8211 | 1 Dell | 1 Emc Data Protection Advisor | 2020-01-23 | 5.0 MEDIUM | 7.5 HIGH |
| EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the affected system. | |||||
| CVE-2015-3151 | 1 Redhat | 1 Automatic Bug Reporting Tool | 2020-01-21 | 7.2 HIGH | 7.8 HIGH |
| Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method. | |||||
| CVE-2019-17180 | 2 Microsoft, Valvesoftware | 2 Windows, Steam Client | 2020-01-16 | 7.2 HIGH | 7.8 HIGH |
| Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM. This could lead to denial of service, elevation of privilege, or unspecified other impact. | |||||
| CVE-2017-17309 | 1 Huawei | 2 Hg255s-10, Hg255s-10 Firmware | 2020-01-15 | 7.8 HIGH | 7.5 HIGH |
| Huawei HG255s-10 V100R001C163B025SP02 has a path traversal vulnerability due to insufficient validation of the received HTTP requests, a remote attacker may access the local files on the device without authentication. | |||||
| CVE-2020-5840 | 1 Hashbrowncms | 1 Hashbrown Cms | 2020-01-14 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in HashBrown CMS before 1.3.2. Server/Entity/Resource/Connection.js allows an attacker to reach a parent directory via a crafted name or ID field. | |||||
| CVE-2019-7751 | 1 Ricoh | 1 Fusionpro Vdp | 2020-01-14 | 5.0 MEDIUM | 7.5 HIGH |
| A directory traversal and local file inclusion vulnerability in FPProducerInternetServer.exe in Ricoh MarcomCentral, formerly PTI Marketing, FusionPro VDP before 10.0 allows a remote attacker to list or enumerate sensitive contents of files. Furthermore, this could allow for privilege escalation by dumping the local machine's SAM and SYSTEM database files, and possibly remote code execution. | |||||
| CVE-2019-15981 | 1 Cisco | 1 Data Center Network Manager | 2020-01-08 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DCNM application. For more information about these vulnerabilities, see the Details section of this advisory. Note: The severity of these vulnerabilities is aggravated by the vulnerabilities described in the Cisco Data Center Network Manager Authentication Bypass Vulnerabilities advisory, published simultaneously with this one. | |||||
| CVE-2019-15980 | 1 Cisco | 1 Data Center Network Manager | 2020-01-08 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DCNM application. For more information about these vulnerabilities, see the Details section of this advisory. Note: The severity of these vulnerabilities is aggravated by the vulnerabilities described in the Cisco Data Center Network Manager Authentication Bypass Vulnerabilities advisory, published simultaneously with this one. | |||||
| CVE-2019-15982 | 1 Cisco | 1 Data Center Network Manager | 2020-01-08 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DCNM application. For more information about these vulnerabilities, see the Details section of this advisory. Note: The severity of these vulnerabilities is aggravated by the vulnerabilities described in the Cisco Data Center Network Manager Authentication Bypass Vulnerabilities advisory, published simultaneously with this one. | |||||
| CVE-2019-10220 | 1 Linux | 1 Linux Kernel | 2020-01-03 | 9.3 HIGH | 8.8 HIGH |
| Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. | |||||
| CVE-2019-7483 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2019-12-31 | 5.0 MEDIUM | 7.5 HIGH |
| In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server. | |||||
| CVE-2019-15596 | 1 Statics-server Project | 1 Statics-server | 2019-12-27 | 5.0 MEDIUM | 7.5 HIGH |
| A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory. | |||||
| CVE-2019-15600 | 1 Http Server Project | 1 Http Server | 2019-12-23 | 5.0 MEDIUM | 7.5 HIGH |
| A Path traversal exists in http_server which allows an attacker to read arbitrary system files. | |||||
| CVE-2019-19848 | 1 Typo3 | 1 Typo3 | 2019-12-23 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the extraction of manually uploaded ZIP archives in Extension Manager is vulnerable to directory traversal. Admin privileges are required in order to exploit this vulnerability. (In v9 LTS and later, System Maintainer privileges are also required.) | |||||
| CVE-2019-19731 | 1 Roxyfileman | 1 Roxy Fileman | 2019-12-23 | 5.0 MEDIUM | 7.5 HIGH |
| Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote attacker can write uploaded files to arbitrary locations via the RENAMEFILE action. This can be leveraged for code execution by uploading a specially crafted Windows shortcut file and writing the file to the Startup folder (because an incomplete blacklist of file extensions allows Windows shortcut files to be uploaded). | |||||
| CVE-2019-16758 | 1 Lexmark | 2 Services Monitor, Services Monitor Firmware | 2019-12-19 | 5.0 MEDIUM | 7.5 HIGH |
| In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host operating system. | |||||
| CVE-2019-14251 | 1 Temenos | 1 T24 | 2019-12-18 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in T24 in TEMENOS Channels R15.01. The login page presents JavaScript functions to access a document on the server once successfully authenticated. However, an attacker can leverage downloadDocServer() to traverse the file system and access files or directories that are outside of the restricted directory because WealthT24/GetImage is used with the docDownloadPath and uploadLocation parameters. | |||||
| CVE-2019-3943 | 1 Mikrotik | 1 Routeros | 2019-12-17 | 7.5 HIGH | 8.1 HIGH |
| MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read and write files outside of the sandbox directory (/rw/disk). | |||||
| CVE-2019-19372 | 1 Rconfig | 1 Rconfig | 2019-12-17 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** A downloadFile.php download_file path traversal vulnerability in rConfig through 3.9.3 allows attackers to list files in arbitrary folders and potentially download files. NOTE: the discoverer later reported that there was not a "fully working exploit." | |||||
| CVE-2014-9356 | 1 Docker | 1 Docker | 2019-12-11 | 8.5 HIGH | 8.6 HIGH |
| Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an (1) image or (2) build in a Dockerfile. | |||||
| CVE-2019-19458 | 1 Saltosystem | 1 Proaccess Space | 2019-12-11 | 5.0 MEDIUM | 8.6 HIGH |
| SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature. | |||||
| CVE-2019-18922 | 1 Alliedtelesis | 2 At-gs950\/8, At-gs950\/8 Firmware | 2019-12-10 | 7.8 HIGH | 7.5 HIGH |
| A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047] allows unauthenticated attackers to read arbitrary system files via a GET request. NOTE: This is an End-of-Life product. | |||||
| CVE-2019-10767 | 1 Iobroker | 1 Iobroker.js-controller | 2019-12-03 | 5.0 MEDIUM | 7.5 HIGH |
| An attacker can include file contents from outside the `/adapter/xxx/` directory, where `xxx` is the name of an existent adapter like "admin". It is exploited using the administrative web panel with a request for an adapter file. **Note:** The attacker has to be logged in if the authentication is enabled (by default isn't enabled). | |||||
| CVE-2019-13157 | 1 Naver | 1 Vaccine | 2019-12-03 | 6.4 MEDIUM | 7.5 HIGH |
| nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitary files via directory traversal sequences in a filename within nsz archive. | |||||
| CVE-2013-3311 | 1 Loftek | 2 Nexus 543, Nexus 543 Firmware | 2019-11-27 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in the Loftek Nexus 543 IP Camera allows remote attackers to read arbitrary files via a .. (dot dot) in the URL of an HTTP GET request. | |||||
| CVE-2018-13864 | 2 Lightbend, Microsoft | 2 Play Framework, Windows | 2019-11-25 | 5.0 MEDIUM | 7.5 HIGH |
| A directory traversal vulnerability has been found in the Assets controller in Play Framework 2.6.12 through 2.6.15 (fixed in 2.6.16) when running on Windows. It allows a remote attacker to download arbitrary files from the target server via specially crafted HTTP requests. | |||||
| CVE-2018-0588 | 1 Ultimatemember | 1 User Profile \& Membership | 2019-11-20 | 6.4 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2019-18951 | 1 Sibsoft | 1 Xfilesharing | 2019-11-15 | 5.0 MEDIUM | 7.5 HIGH |
| SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files. | |||||
| CVE-2016-10039 | 1 Modx | 1 Modx Revolution | 2019-11-14 | 7.5 HIGH | 7.3 HIGH |
| Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/getfiles. | |||||
| CVE-2016-10037 | 1 Modx | 1 Modx Revolution | 2019-11-14 | 7.5 HIGH | 7.3 HIGH |
| Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted id (aka dir) parameter, related to browser/directory/getlist. | |||||
| CVE-2019-14994 | 1 Atlassian | 1 Jira Service Desk | 2019-11-14 | 4.3 MEDIUM | 7.5 HIGH |
| The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10.0 before version 3.16.8, from version 4.0.0 before version 4.1.3, from version 4.2.0 before version 4.2.5, from version 4.3.0 before version 4.3.4, and version 4.4.0 allows remote attackers with portal access to view arbitrary issues in Jira Service Desk projects via a path traversal vulnerability. Note that when the 'Anyone can email the service desk or raise a request in the portal' setting is enabled, an attacker can grant themselves portal access, allowing them to exploit the vulnerability. | |||||
| CVE-2019-17327 | 1 Tmaxsoft | 1 Jeus | 2019-11-13 | 6.5 MEDIUM | 7.2 HIGH |
| JEUS 7 Fix#0~5 and JEUS 8Fix#0~1 versions contains a directory traversal vulnerability caused by improper input parameter check when uploading installation file in administration web page. That leads remote attacker to execute arbitrary code via uploaded file. | |||||
| CVE-2019-15004 | 1 Atlassian | 1 Jira Service Desk | 2019-11-13 | 4.3 MEDIUM | 7.5 HIGH |
| The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before 3.16.10, from 4.0.0 before 4.2.6, from 4.3.0 before 4.3.5, from 4.4.0 before 4.4.3, and from 4.5.0 before 4.5.1 allows remote attackers with portal access to view arbitrary issues in Jira Service Desk projects via a path traversal vulnerability. Note that when the 'Anyone can email the service desk or raise a request in the portal' setting is enabled, an attacker can grant themselves portal access, allowing them to exploit the vulnerability. | |||||
| CVE-2019-13623 | 1 Nsa | 1 Ghidra | 2019-11-12 | 6.8 MEDIUM | 7.8 HIGH |
| In NSA Ghidra before 9.1, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis result is archived for sharing with other persons. To achieve arbitrary code execution, one approach is to overwrite some critical Ghidra modules, e.g., the decompile module. | |||||
| CVE-2019-16876 | 1 Portainer | 1 Portainer | 2019-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Portainer before 1.22.1 allows Directory Traversal. | |||||
| CVE-2019-18665 | 1 Secudos | 1 Domos | 2019-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion. | |||||
| CVE-2005-2349 | 1 Zoo Project | 1 Zoo | 2019-11-01 | 5.0 MEDIUM | 7.5 HIGH |
| Zoo 2.10 has Directory traversal | |||||
| CVE-2019-18187 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2019-10-31 | 5.0 MEDIUM | 7.5 HIGH |
| Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to a web service account, which depending on the web platform used may have restricted permissions. An attempted attack requires user authentication. | |||||
| CVE-2019-18371 | 1 Mi | 2 Millet Router 3g, Millet Router 3g Firmware | 2019-10-29 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication. | |||||
| CVE-2013-4855 | 1 D-link | 2 Dir-865l, Dir-865l Firmware | 2019-10-29 | 7.9 HIGH | 8.8 HIGH |
| D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share. | |||||
| CVE-2016-4986 | 1 Jenkins | 1 Tap | 2019-10-28 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in the TAP plugin before 1.25 in Jenkins allows remote attackers to read arbitrary files via an unspecified parameter. | |||||