Total
6174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-18593 | 1 Hp | 1 Ucmdb Configuration Manager | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information | |||||
| CVE-2018-16874 | 4 Debian, Golang, Opensuse and 1 more | 5 Debian Linux, Go, Backports Sle and 2 more | 2023-11-07 | 6.8 MEDIUM | 8.1 HIGH |
| In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution. | |||||
| CVE-2018-15490 | 2 Expressvpn, Microsoft | 2 Expressvpn, Windows | 2023-11-07 | 6.6 MEDIUM | 7.1 HIGH |
| An issue was discovered in ExpressVPN on Windows. The Xvpnd.exe process (which runs as a service with SYSTEM privileges) listens on TCP port 2015, which is used as an RPC interface for communication with the client side of the ExpressVPN application. A JSON-RPC protocol over HTTP is used for communication. The JSON-RPC XVPN.GetPreference and XVPN.SetPreference methods are vulnerable to path traversal, and allow reading and writing files on the file system on behalf of the service. | |||||
| CVE-2018-14806 | 1 Advantech | 1 Webaccess | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerability which may allow an attacker to execute arbitrary code. | |||||
| CVE-2018-14064 | 1 Velotismart Project | 2 Velotismart Wifi, Velotismart Wifi Firmware | 2023-11-07 | 5.0 MEDIUM | 9.8 CRITICAL |
| The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80. | |||||
| CVE-2018-12976 | 1 Godoc | 1 Go Doc Dot Org | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| In Go Doc Dot Org (gddo) through 2018-06-27, an attacker could use specially crafted <go-import> tags in packages being fetched by gddo to cause a directory traversal and remote code execution. | |||||
| CVE-2018-12542 | 2 Eclipse, Microsoft | 2 Vert.x, Windows | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the StaticHandler uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\' (forward slashes) sequences that can resolve to a location that is outside of that directory when running on Windows Operating Systems. | |||||
| CVE-2018-12476 | 1 Suse | 3 Obs-service-tar Scm, Opensuse Factory, Suse Linux Enterprise Server | 2023-11-07 | 6.4 MEDIUM | 7.5 HIGH |
| Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUSE Linux Enterprise Server 15 obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74:. openSUSE Factory obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74. | |||||
| CVE-2018-12473 | 1 Opensuse | 1 Open Build Service | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| A path traversal traversal vulnerability in obs-service-tar_scm of Open Build Service allows remote attackers to cause access files not in the current build. On the server itself this is prevented by confining the worker via KVM. Affected releases are openSUSE Open Build Service: versions prior to 70d1aa4cc4d7b940180553a63805c22fc62e2cf0. | |||||
| CVE-2018-11789 | 1 Apache | 1 Heron | 2023-11-07 | 7.8 HIGH | 7.5 HIGH |
| When accessing the heron-ui webpage, people can modify the file paths outside of the current container to access any file on the host. Example woule be modifying the parameter path= to go to the directory you would like to view. i.e. ..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd. | |||||
| CVE-2018-11762 | 1 Apache | 1 Tika | 2023-11-07 | 5.8 MEDIUM | 5.9 MEDIUM |
| In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not specify an extract directory on the commandline (--extract-dir=) and the input file has an embedded file with an absolute path, such as "C:/evil.bat", tika-app would overwrite that file. | |||||
| CVE-2018-11759 | 3 Apache, Debian, Redhat | 3 Tomcat Jk Connector, Debian Linux, Jboss Core Services | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was possible for a specially constructed request to expose application functionality through the reverse proxy that was not intended for clients accessing the application via the reverse proxy. It was also possible in some configurations for a specially constructed request to bypass the access controls configured in httpd. While there is some overlap between this issue and CVE-2018-1323, they are not identical. | |||||
| CVE-2018-1000850 | 1 Squareup | 1 Retrofit | 2023-11-07 | 6.4 MEDIUM | 7.5 HIGH |
| Square Retrofit version versions from (including) 2.0 and 2.5.0 (excluding) contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her.. This attack appear to be exploitable via An attacker should have access to an encoded path parameter on POST, PUT or DELETE request.. This vulnerability appears to have been fixed in 2.5.0 and later. | |||||
| CVE-2017-9270 | 1 Opensuse | 1 Cryptctl | 2023-11-07 | 8.5 HIGH | 9.1 CRITICAL |
| In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database. | |||||
| CVE-2017-7433 | 1 Micro Focus | 1 Vibe | 2023-11-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| An absolute path traversal vulnerability (CWE-36) in Micro Focus Vibe 4.0.2 and earlier allows a remote authenticated attacker to download arbitrary files from the server by submitting a specially crafted request to the viewFile endpoint. Note that the attack can be performed without authentication if Guest access is enabled (Guest access is disabled by default). | |||||
| CVE-2017-7424 | 1 Microfocus | 2 Enterprise Developer, Enterprise Server | 2023-11-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote authenticated users to download arbitrary files from a system running the product, if this component is configured. Note esfadmingui is not enabled by default. | |||||
| CVE-2017-6306 | 2 Debian, Ytnef Project | 2 Debian Linux, Ytnef | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c." | |||||
| CVE-2017-5899 | 1 S-nail Project | 1 S-nail | 2023-11-07 | 6.9 MEDIUM | 7.0 HIGH |
| Directory traversal vulnerability in the setuid root helper binary in S-nail (later S-mailx) before 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a .. (dot dot) in the randstr argument. | |||||
| CVE-2017-5182 | 1 Novell | 1 Open Enterprise Server | 2023-11-07 | 7.8 HIGH | 7.5 HIGH |
| Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for linux, it applies to OES2015 SP1 before Maintenance Update 11080, OES2015 before Maintenance Update 11079, OES11 SP3 before Maintenance Update 11078, OES11 SP2 before Maintenance Update 11077). | |||||
| CVE-2017-3163 | 1 Apache | 1 Solr | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access. | |||||