Total
6174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-22887 | 1 Apache | 1 Airflow | 2023-07-20 | N/A | 6.5 MEDIUM |
| Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to perform unauthorized file access outside the intended directory structure by manipulating the run_id parameter. This vulnerability is considered low since it requires an authenticated user to exploit it. It is recommended to upgrade to a version that is not affected | |||||
| CVE-2023-37960 | 1 Jenkins | 1 Mathworks Polyspace | 2023-07-20 | N/A | 6.5 MEDIUM |
| Jenkins MathWorks Polyspace Plugin 1.0.5 and earlier allows attackers with Item/Configure permission to send emails with arbitrary files from the Jenkins controller file systems. | |||||
| CVE-2023-33989 | 1 Sap | 1 Netweaver Bi Content | 2023-07-19 | N/A | 8.1 HIGH |
| An attacker with non-administrative authorizations in SAP NetWeaver (BI CONT ADD ON) - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written leading to system compromise. | |||||
| CVE-2023-34117 | 1 Zoom | 1 Zoom Software Development Kit | 2023-07-18 | N/A | 3.3 LOW |
| Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access. | |||||
| CVE-2022-24715 | 1 Icinga | 1 Icinga Web 2 | 2023-07-17 | 6.0 MEDIUM | 8.8 HIGH |
| Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2. Users unable to upgrade should limit access to the Icinga Web 2 configuration. | |||||
| CVE-2023-36460 | 1 Joinmastodon | 1 Mastodon | 2023-07-14 | N/A | 9.9 CRITICAL |
| Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 3.5.0 and prior to versions 3.5.9, 4.0.5, and 4.1.3, attackers using carefully crafted media files can cause Mastodon's media processing code to create arbitrary files at any location. This allows attackers to create and overwrite any file Mastodon has access to, allowing Denial of Service and arbitrary Remote Code Execution. Versions 3.5.9, 4.0.5, and 4.1.3 contain a patch for this issue. | |||||
| CVE-2023-37288 | 1 Smartsoft | 1 Smartbpm.net | 2023-07-13 | N/A | 7.5 HIGH |
| SmartBPM.NET component has a vulnerability of path traversal within its file download function. An unauthenticated remote attacker can exploit this vulnerability to access arbitrary system files. | |||||
| CVE-2023-36301 | 1 Talend | 1 Data Catalog | 2023-07-13 | N/A | 7.5 HIGH |
| Talend Data Catalog before 8.0-20230221 contain a directory traversal vulnerability in HeaderImageServlet. | |||||
| CVE-2023-23907 | 1 Milesight | 1 Milesightvpn | 2023-07-13 | N/A | 7.5 HIGH |
| A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2022-23602 | 1 Nim-lang | 2 Docutils, Nimforum | 2023-07-13 | 5.5 MEDIUM | 8.1 HIGH |
| Nimforum is a lightweight alternative to Discourse written in Nim. In versions prior to 2.2.0 any forum user can create a new thread/post with an include referencing a file local to the host operating system. Nimforum will render the file if able. This can also be done silently by using NimForum's post "preview" endpoint. Even if NimForum is running as a non-critical user, the forum.json secrets can be stolen. Version 2.2.0 of NimForum includes patches for this vulnerability. Users are advised to upgrade as soon as is possible. There are no known workarounds for this issue. | |||||
| CVE-2023-23547 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-07-13 | N/A | 6.5 MEDIUM |
| A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2020-21862 | 1 Duxcms Project | 1 Duxcms | 2023-07-12 | N/A | 8.1 HIGH |
| Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del. | |||||
| CVE-2023-36822 | 1 Uptime-kuma Project | 1 Uptime-kuma | 2023-07-12 | N/A | 8.1 HIGH |
| Uptime Kuma, a self-hosted monitoring tool, has a path traversal vulnerability in versions prior to 1.22.1. Uptime Kuma allows authenticated users to install plugins from an official list of plugins. This feature is currently disabled in the web interface, but the corresponding API endpoints are still available after login. Before a plugin is downloaded, the plugin installation directory is checked for existence. If it exists, it's removed before the plugin installation. Because the plugin is not validated against the official list of plugins or sanitized, the check for existence and the removal of the plugin installation directory are prone to path traversal. This vulnerability allows an authenticated attacker to delete files from the server Uptime Kuma is running on. Depending on which files are deleted, Uptime Kuma or the whole system may become unavailable due to data loss. | |||||
| CVE-2023-36827 | 1 Ethyca | 1 Fides | 2023-07-12 | N/A | 7.5 HIGH |
| Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal (directory traversal) vulnerability affects fides versions lower than version `2.15.1`, allowing remote attackers to access arbitrary files on the fides webserver container's filesystem. The vulnerability is patched in fides `2.15.1`. If the Fides webserver API is not directly accessible to attackers and is instead deployed behind a reverse proxy as recommended in Ethyca's security best practice documentation, and the reverse proxy is an AWS application load balancer, the vulnerability can't be exploited by these attackers. An AWS application load balancer will reject this attack with a 400 error. Additionally, any secrets supplied to the container using environment variables rather than a `fides.toml` configuration file are not affected by this vulnerability. | |||||
| CVE-2023-2880 | 1 Frauscher | 1 Frauscher Diagnostic System 101 | 2023-07-12 | N/A | 7.5 HIGH |
| Frauscher Sensortechnik GmbH FDS001 for FAdC/FAdCi v1.3.3 and all previous versions are vulnerable to a path traversal vulnerability of the web interface by a crafted URL without authentication. This enables an remote attacker to read all files on the filesystem of the FDS001 device. | |||||
| CVE-2023-24256 | 1 Nio | 2 Aspen, Ec6 | 2023-07-12 | N/A | 7.8 HIGH |
| An issue in the com.nextev.datastatistic component of NIO EC6 Aspen before v3.3.0 allows attackers to escalate privileges via path traversal. | |||||
| CVE-2022-28127 | 1 Robustel | 2 R1510, R1510 Firmware | 2023-07-11 | 6.4 MEDIUM | 9.1 CRITICAL |
| A data removal vulnerability exists in the web_server /action/remove/ API functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary file deletion. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2023-35975 | 1 Arubanetworks | 14 Arubaos, Mc-va-10, Mc-va-1k and 11 more | 2023-07-11 | N/A | 8.1 HIGH |
| An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system. | |||||
| CVE-2021-3856 | 1 Redhat | 1 Keycloak | 2023-07-10 | N/A | 4.3 MEDIUM |
| ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will receive the content of random files if available. | |||||
| CVE-2023-36819 | 1 Eng | 1 Knowage | 2023-07-10 | N/A | 6.5 MEDIUM |
| Knowage is the professional open source suite for modern business analytics over traditional sources and big data systems. The endpoint `_/knowage/restful-services/dossier/importTemplateFile_` allows authenticated users to download template hosted on the server. However, starting in the 6.x.x branch and prior to version 8.1.8, the application does not sanitize the `_templateName_ `parameter allowing an attacker to use `*../*` in it, and escaping the directory the template are normally placed and download any file from the system. This vulnerability allows a low privileged attacker to exfiltrate sensitive configuration file. This issue has been patched in Knowage version 8.1.8. | |||||