Search
Total
4706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-8209 | 1 Citrix | 1 Xenmobile Server | 2020-08-20 | 5.0 MEDIUM | 7.5 HIGH |
| Improper access control in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 and leads to the ability to read arbitrary files. | |||||
| CVE-2018-15750 | 1 Saltstack | 1 Salt | 2020-08-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server. | |||||
| CVE-2015-1429 | 1 Cybelesoft | 1 Thinfinity Remote Desktop Workstation | 2020-08-19 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in Cybele Software Thinfinity Remote Desktop Workstation 3.0.0.3 32-bit and 64-bit allows remote attackers to download arbitrary files via a .. (dot dot) in an unspecified parameter. | |||||
| CVE-2019-10197 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2020-08-18 | 6.4 MEDIUM | 9.1 CRITICAL |
| A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share. | |||||
| CVE-2019-8320 | 1 Rubygems | 1 Rubygems | 2020-08-16 | 8.8 HIGH | 7.4 HIGH |
| A Directory Traversal issue was discovered in RubyGems 2.7.6 and later through 3.0.2. Before making new directories or touching files (which now include path-checking code for symlinks), it would delete the target destination. If that destination was hidden behind a symlink, a malicious gem could delete arbitrary files on the user's machine, presuming the attacker could guess at paths. Given how frequently gem is run as sudo, and how predictable paths are on modern systems (/tmp, /usr, etc.), this could likely lead to data loss or an unusable system. | |||||
| CVE-2017-17671 | 2 Microsoft, Vbulletin | 2 Windows, Vbulletin | 2020-08-14 | 7.5 HIGH | 9.8 CRITICAL |
| vBulletin through 5.3.x on Windows allows remote PHP code execution because a require_once call is reachable with an unauthenticated request that can include directory traversal sequences to specify an arbitrary pathname, and because ../ traversal is blocked but ..\ traversal is not blocked. For example, an attacker can make an invalid HTTP request containing PHP code, and then make an index.php?routestring= request with enough instances of ".." to reach an Apache HTTP Server log file. | |||||
| CVE-2019-4582 | 1 Ibm | 1 Maximo Asset Management | 2020-08-13 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 167288. | |||||
| CVE-2020-13376 | 1 Securenvoy | 1 Securmail | 2020-08-12 | 9.3 HIGH | 9.0 CRITICAL |
| SecurEnvoy SecurMail 9.3.503 allows attackers to upload executable files and achieve OS command execution via a crafted SecurEnvoyReply cookie. | |||||
| CVE-2020-5609 | 1 Yokogawa | 8 B\/m9000cs, B\/m9000cs Firmware, B\/m9000vp and 5 more | 2020-08-12 | 7.5 HIGH | 9.8 CRITICAL |
| Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors. | |||||
| CVE-2019-18393 | 1 Igniterealtime | 1 Openfire | 2020-08-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability. | |||||
| CVE-2020-12499 | 1 Phoenixcontact | 1 Plcnext Engineer | 2020-08-05 | 4.4 MEDIUM | 7.3 HIGH |
| In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exists on import of project files. | |||||
| CVE-2018-1000550 | 2 Debian, Sympa | 2 Debian Linux, Sympa | 2020-08-04 | 7.5 HIGH | 9.8 CRITICAL |
| The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. This attack appear to be exploitable via HTTP GET/POST request. This vulnerability appears to have been fixed in 6.2.32. | |||||
| CVE-2020-8222 | 1 Pulsesecure | 2 Pulse Connect Secure, Pulse Policy Secure | 2020-08-04 | 4.0 MEDIUM | 6.8 MEDIUM |
| A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 that allowed an authenticated attacker via the administrator web interface to perform an arbitrary file reading vulnerability through Meeting. | |||||
| CVE-2020-8221 | 1 Pulsesecure | 2 Pulse Connect Secure, Pulse Policy Secure | 2020-08-04 | 4.0 MEDIUM | 4.9 MEDIUM |
| A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 which allows an authenticated attacker to read arbitrary files via the administrator web interface. | |||||
| CVE-2011-4367 | 1 Apache | 1 Myfaces | 2020-08-04 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in MyFaces JavaServer Faces (JSF) in Apache MyFaces Core 2.0.x before 2.0.12 and 2.1.x before 2.1.6 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) ln parameter to faces/javax.faces.resource/web.xml or (2) the PATH_INFO to faces/javax.faces.resource/. | |||||
| CVE-2017-7442 | 1 Gonitro | 1 Nitro Pro | 2020-08-04 | 6.8 MEDIUM | 8.8 HIGH |
| Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences. | |||||
| CVE-2020-15592 | 2 Microsoft, Riverbed | 2 Windows, Steelcentral Aternity Agent | 2020-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| SteelCentral Aternity Agent before 11.0.0.120 on Windows allows Privilege Escalation via a crafted file. It uses an executable running as a high privileged Windows service to perform administrative tasks and collect data from other processes. It distributes functionality among different processes and uses IPC (Inter-Process Communication) primitives to enable the processes to cooperate. The remotely callable methods from remotable objects available through interprocess communication allow loading of arbitrary plugins (i.e., C# assemblies) from the "%PROGRAMFILES(X86)%/Aternity Information Systems/Assistant/plugins” directory, where the name of the plugin is passed as part of an XML-serialized object. However, because the name of the DLL is concatenated with the “.\plugins” string, a directory traversal vulnerability exists in the way plugins are resolved. | |||||
| CVE-2020-9689 | 1 Magento | 1 Magento | 2020-07-30 | 8.5 HIGH | 6.5 MEDIUM |
| Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-5614 | 1 Kujirahand | 1 Konawiki | 2020-07-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory traversal vulnerability in KonaWiki 3.1.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2020-14490 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2020-07-30 | 6.5 MEDIUM | 8.8 HIGH |
| OpenClinic GA 5.09.02 and 5.89.05b includes arbitrary local files specified within its parameter and executes some files, which may allow disclosure of sensitive files or the execution of malicious uploaded files. | |||||
| CVE-2020-15492 | 1 Inneo | 1 Startup Tools | 2020-07-28 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in INNEO Startup TOOLS 2017 M021 12.0.66.3784 through 2018 M040 13.0.70.3804. The sut_srv.exe web application (served on TCP port 85) includes user input into a filesystem access without any further validation. This might allow an unauthenticated attacker to read files on the server via Directory Traversal, or possibly have unspecified other impact. | |||||
| CVE-2020-15712 | 1 Rconfig | 1 Rconfig | 2020-07-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| rConfig 3.9.5 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a crafted request to the ajaxGetFileByPath.php script containing hexadecimal encoded "dot dot" sequences (%2f..%2f) in the path parameter to view arbitrary files on the system. | |||||
| CVE-2011-4800 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get commands. | |||||
| CVE-2009-4815 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Serv-U before 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors. | |||||
| CVE-2009-1031 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 allows remote attackers to create arbitrary directories via a \.. (backslash dot dot) in an MKD request. | |||||
| CVE-2008-4501 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in the FTP server in Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to overwrite or create arbitrary files via a ..\ (dot dot backslash) in the RNTO command. | |||||
| CVE-2001-0054 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack. | |||||
| CVE-2020-15050 | 1 Supremainc | 1 Biostar 2 | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal. | |||||
| CVE-2020-15908 | 1 Cauldrondevelopment | 1 C\! | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| tar/TarFileReader.cpp in Cauldron cbang (aka C-Bang or C!) before 1.6.0 allows Directory Traversal during extraction from a TAR archive. | |||||
| CVE-2020-15923 | 1 Midasolutions | 1 Eframework | 2020-07-27 | 7.8 HIGH | 7.5 HIGH |
| Mida eFramework through 2.9.0 allows unauthenticated ../ directory traversal. | |||||
| CVE-2020-7681 | 1 Indo-mars | 1 Marscode | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package marscode. There is no path sanitization in the path provided at fs.readFile in index.js. | |||||
| CVE-2020-7687 | 1 Fast-http Project | 1 Fast-http | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package fast-http. There is no path sanitization in the path provided at fs.readFile in index.js. | |||||
| CVE-2020-7682 | 1 Marked-tree Project | 1 Marked-tree | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package marked-tree. There is no path sanitization in the path provided at fs.readFile in index.js. | |||||
| CVE-2020-7683 | 1 Rollup-plugin-server Project | 1 Rollup-plugin-server | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package rollup-plugin-server. There is no path sanitization in readFile operation performed inside the readFileFromContentBase function. | |||||
| CVE-2020-7686 | 1 Rollup-plugin-dev-server Project | 1 Rollup-plugin-dev-server | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function. | |||||
| CVE-2017-1000501 | 2 Awstats, Debian | 2 Awstats, Debian Linux | 2020-07-27 | 7.5 HIGH | 9.8 CRITICAL |
| Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution. | |||||
| CVE-2020-8446 | 1 Ossec | 1 Ossec | 2020-07-27 | 2.1 LOW | 5.5 MEDIUM |
| In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to path traversal (with write access) via crafted syscheck messages written directly to the analysisd UNIX domain socket by a local user. | |||||
| CVE-2020-15124 | 1 Intranda | 1 Goobi Viewer Core | 2020-07-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Goobi Viewer Core before version 4.8.3, a path traversal vulnerability allows for remote attackers to access files on the server via the application. This is limited to files accessible to the application server user, eg. tomcat, but can potentially lead to the disclosure of sensitive information. The vulnerability has been fixed in version 4.8.3 | |||||
| CVE-2020-9663 | 1 Adobe | 1 Adobe Reader | 2020-07-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| Adobe Reader Mobile versions 20.0.1 and earlier have a directory traversal vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2020-7684 | 1 Rollup-plugin-serve Project | 1 Rollup-plugin-serve | 2020-07-23 | 7.5 HIGH | 9.8 CRITICAL |
| This affects all versions of package rollup-plugin-serve. There is no path sanitization in readFile operation. | |||||
| CVE-2020-3381 | 1 Cisco | 5 Isr1100-4g, Isr1100-4gltegb, Isr1100-4gltena and 2 more | 2020-07-23 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability in the web management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct directory traversal attacks and obtain read and write access to sensitive files on a targeted system. The vulnerability is due to a lack of proper validation of files that are uploaded to an affected device. An attacker could exploit this vulnerability by uploading a crafted file to an affected system. An exploit could allow the attacker to view or modify arbitrary files on the targeted system. | |||||
| CVE-2020-3401 | 1 Cisco | 12 Isr1100-4g, Isr1100-4gltegb, Isr1100-4gltena and 9 more | 2020-07-23 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to the affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system. | |||||
| CVE-2016-7063 | 1 Pritunl | 1 Pritunl-client | 2020-07-23 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in pritunl-client before version 1.0.1116.6. Arbitrary write to user specified path may lead to privilege escalation. | |||||
| CVE-2020-8214 | 1 Servey Project | 1 Servey | 2020-07-22 | 5.0 MEDIUM | 7.5 HIGH |
| A path traversal vulnerability in servey version < 3 allows an attacker to read content of any arbitrary file. | |||||
| CVE-2020-9252 | 1 Huawei | 8 Magic2, Magic2 Firmware, Mate 20 and 5 more | 2020-07-22 | 2.1 LOW | 2.3 LOW |
| HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI Mate 20 X versions earlier than 10.1.0.135(C00E135R2P8), HUAWEI Mate 20 RS versions earlier than 10.1.0.160(C786E160R3P8), and Honor Magic2 smartphones versions earlier than 10.1.0.160(C00E160R2P11) have a path traversal vulnerability. The system does not sufficiently validate certain pathname from certain process, successful exploit could allow the attacker write files to a crafted path. | |||||
| CVE-2020-15779 | 1 Socket.io-file Project | 1 Socket.io-file | 2020-07-22 | 5.0 MEDIUM | 7.5 HIGH |
| A Path Traversal issue was discovered in the socket.io-file package through 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path. | |||||
| CVE-2020-0539 | 1 Intel | 2 Converged Security Management Engine Firmware, Trusted Execution Engine Firmware | 2020-07-22 | 2.1 LOW | 5.5 MEDIUM |
| Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access. | |||||
| CVE-2020-14507 | 1 Advantech | 1 Iview | 2020-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Advantech iView, versions 5.6 and prior, is vulnerable to multiple path traversal vulnerabilities that could allow an attacker to create/download arbitrary files, limit system availability, and remotely execute code. | |||||
| CVE-2020-5764 | 1 Mxplayer | 1 Mx Player | 2020-07-17 | 5.8 MEDIUM | 8.8 HIGH |
| MX Player Android App versions prior to v1.24.5, are vulnerable to a directory traversal vulnerability when user is using the MX Transfer feature in "Receive" mode. An attacker can exploit this by connecting to the MX Transfer session as a "sender" and sending a MessageType of "FILE_LIST" with a "name" field containing directory traversal characters (../). This will result in the file being transferred to the victim's phone, but being saved outside of the intended "/sdcard/MXshare" directory. In some instances, an attacker can achieve remote code execution by writing ".odex" and ".vdex" files in the "oat" directory of the MX Player application. | |||||
| CVE-2020-5366 | 1 Dell | 2 Idrac9, Idrac9 Firmware | 2020-07-15 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell EMC iDRAC9 versions prior to 4.20.20.20 contain a Path Traversal Vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability by manipulating input parameters to gain unauthorized read access to the arbitrary files. | |||||