Total
6174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31706 | 1 Vmware | 1 Vrealize Log Insight | 2023-09-11 | N/A | 9.8 CRITICAL |
| The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. | |||||
| CVE-2023-4480 | 1 Php-fusion | 1 Phpfusion | 2023-09-08 | N/A | 5.5 MEDIUM |
| Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write files to arbitrary locations, provided the files pass the application’s mime-type and file extension validation. | |||||
| CVE-2023-41057 | 1 Plannigan | 1 Hyper Bump It | 2023-09-08 | N/A | 5.5 MEDIUM |
| hyper-bump-it is a command line tool for updating the version in project files.`hyper-bump-it` reads a file glob pattern from the configuration file. That is combined with the project root directory to construct a full glob pattern that is used to find files that should be edited. These matched files should be contained within the project root directory, but that is not checked. This could result in changes being written to files outside of the project. The default behaviour of `hyper-bump-it` is to display the planned changes and prompt the user for confirmation before editing any files. However, the configuration file provides a field that can be used cause files to be edited without displaying the prompt. This issue has been fixed in release version 0.5.1. Users are advised to upgrade. Users that are unable to update from vulnerable versions, executing `hyper-bump-it` with the `--interactive` command line argument will ensure that all planned changes are displayed and prompt the user for confirmation before editing any files, even if the configuration file contains `show_confirm_prompt=true`. | |||||
| CVE-2023-39964 | 1 Fit2cloud | 1 1panel | 2023-09-08 | N/A | 7.5 HIGH |
| 1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, arbitrary file reads allow an attacker to read arbitrary important configuration files on the server. In the `api/v1/file.go` file, there is a function called `LoadFromFile`, which directly reads the file by obtaining the requested path `parameter[path]`. The request parameters are not filtered, resulting in a background arbitrary file reading vulnerability. Version 1.5.0 has a patch for this issue. | |||||
| CVE-2023-39448 | 1 Ss-proj | 1 Shirasagi | 2023-09-08 | N/A | 8.8 HIGH |
| Path traversal vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to alter or create arbitrary files on the server, resulting in arbitrary code execution. | |||||
| CVE-2023-4613 | 1 Lg | 1 Lg Led Assistant | 2023-09-08 | N/A | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/settings/upload endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. | |||||
| CVE-2023-4614 | 1 Lg | 1 Lg Led Assistant | 2023-09-08 | N/A | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/installation/setThumbnailRc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. | |||||
| CVE-2023-4615 | 1 Lg | 1 Lg Led Assistant | 2023-09-08 | N/A | 7.5 HIGH |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/download/updateFile endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the current user. | |||||
| CVE-2023-4616 | 1 Lg | 1 Lg Led Assistant | 2023-09-08 | N/A | 7.5 HIGH |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the current user. | |||||
| CVE-2023-31167 | 2 Microsoft, Selinc | 2 Windows, Sel-5036 Acselerator Bay Screen Builder | 2023-09-07 | N/A | 8.1 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Schweitzer Engineering Laboratories SEL-5036 acSELerator Bay Screen Builder Software on Windows allows Relative Path Traversal. SEL acSELerator Bay Screen Builder software is distributed by SEL-5033 SEL acSELerator RTAC, SEL-5030 Quickset, and SEL Compass. CVE-2023-31167 and was patched in the acSELerator Bay Screen Builder release available on 20230602. Please contact SEL for additional details. This issue affects SEL-5036 acSELerator Bay Screen Builder Software: before 1.0.49152.778. | |||||
| CVE-2023-39810 | 1 Busybox | 1 Busybox | 2023-09-07 | N/A | 7.8 HIGH |
| An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal. | |||||
| CVE-2023-41044 | 1 Graylog | 1 Graylog | 2023-09-06 | N/A | 3.8 LOW |
| Graylog is a free and open log management platform. A partial path traversal vulnerability exists in Graylog's `Support Bundle` feature. The vulnerability is caused by incorrect user input validation in an HTTP API resource. Graylog's Support Bundle feature allows an attacker with valid Admin role credentials to download or delete files in sibling directories of the support bundle directory. The default `data_dir` in operating system packages (DEB, RPM) is set to `/var/lib/graylog-server`. The data directory for the Support Bundle feature is always `<data_dir>/support-bundle`. Due to the partial path traversal vulnerability, an attacker with valid Admin role credentials can read or delete files in directories that start with a `/var/lib/graylog-server/support-bundle` directory name. The vulnerability would allow the download or deletion of files in the following example directories: `/var/lib/graylog-server/support-bundle-test` and `/var/lib/graylog-server/support-bundlesdirectory`. For the Graylog Docker images, the `data_dir` is set to `/usr/share/graylog/data` by default. This vulnerability is fixed in Graylog version 5.1.3 and later. Users are advised to upgrade. Users unable to upgrade should block all HTTP requests to the following HTTP API endpoints by using a reverse proxy server in front of Graylog. `GET /api/system/debug/support/bundle/download/{filename}` and `DELETE /api/system/debug/support/bundle/{filename}`. | |||||
| CVE-2023-41747 | 2 Acronis, Microsoft | 2 Cloud Manager, Windows | 2023-09-06 | N/A | 7.5 HIGH |
| Sensitive information disclosure due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203. | |||||
| CVE-2023-39135 | 1 Marmelroy | 1 Zip | 2023-09-06 | N/A | 7.8 HIGH |
| An issue in Zip Swift v2.1.2 allows attackers to execute a path traversal attack via a crafted zip entry. | |||||
| CVE-2023-39138 | 1 Peakstep | 1 Zipfoundation | 2023-09-05 | N/A | 7.8 HIGH |
| An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file. | |||||
| CVE-2023-39139 | 1 Archive Project | 1 Archive | 2023-09-05 | N/A | 7.8 HIGH |
| An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file. | |||||
| CVE-2023-39026 | 2 Filemage, Microsoft | 2 Filemage, Windows | 2023-09-05 | N/A | 7.5 HIGH |
| Directory Traversal vulnerability in FileMage Gateway Windows Deployments v.1.10.8 and before allows a remote attacker to obtain sensitive information via a crafted request to the /mgmt/ component. | |||||
| CVE-2021-3806 | 1 Tubitak | 1 Pardus Software Center | 2023-09-03 | 7.1 HIGH | 5.3 MEDIUM |
| A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system. | |||||
| CVE-2022-2265 | 1 Identity And Directory Management System Project | 1 Identity And Directory Management System | 2023-09-03 | N/A | 7.5 HIGH |
| The Identity and Directory Management System developed by Çekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25 | |||||
| CVE-2023-39559 | 1 Web-audimex | 1 Audimexee | 2023-08-31 | N/A | 5.3 MEDIUM |
| AudimexEE 15.0 was discovered to contain a full path disclosure vulnerability. | |||||