Total
6174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-26216 | 1 Tibco | 1 Ebx Add-ons | 2023-06-01 | N/A | 7.2 HIGH |
| The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an exploitable vulnerability that allows an attacker to upload files to a directory accessible by the web server. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.16 and below. | |||||
| CVE-2023-26215 | 1 Tibco | 1 Ebx Add-ons | 2023-06-01 | N/A | 6.5 MEDIUM |
| The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that allows an attacker with low-privileged application access to read system files that are accessible to the web server. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.16 and below. | |||||
| CVE-2023-28382 | 1 Et-x | 1 Ess Rec | 2023-06-01 | N/A | 8.1 HIGH |
| Directory traversal vulnerability in ESS REC Agent Server Edition series allows an authenticated attacker to view or alter an arbitrary file on the server. Affected products and versions are as follows: ESS REC Agent Server Edition for Linux V1.0.0 to V1.4.3, ESS REC Agent Server Edition for Solaris V1.1.0 to V1.4.0, ESS REC Agent Server Edition for HP-UX V1.1.0 to V1.4.0, and ESS REC Agent Server Edition for AIX V1.2.0 to V1.4.1 | |||||
| CVE-2022-36327 | 1 Westerndigital | 17 My Cloud, My Cloud Dl2100, My Cloud Dl4100 and 14 more | 2023-05-31 | N/A | 9.8 CRITICAL |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires an authentication bypass issue to be triggered before this can be exploited. This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191; My Cloud OS 5: before 5.26.202. | |||||
| CVE-2020-20012 | 1 Sudytech | 1 Webplus Pro | 2023-05-30 | N/A | 9.8 CRITICAL |
| WebPlus Pro v1.4.7.8.4-01 is vulnerable to Incorrect Access Control. | |||||
| CVE-2023-28413 | 1 Snow Monkey Forms Project | 1 Snow Monkey Forms | 2023-05-30 | N/A | 9.8 CRITICAL |
| Directory traversal vulnerability in Snow Monkey Forms versions v5.0.6 and earlier allows a remote unauthenticated attacker to obtain sensitive information, alter the website, or cause a denial-of-service (DoS) condition. | |||||
| CVE-2023-28408 | 1 Mw Wp Form Project | 1 Mw Wp Form | 2023-05-30 | N/A | 9.8 CRITICAL |
| Directory traversal vulnerability in MW WP Form versions v4.4.2 and earlier allows a remote unauthenticated attacker to alter the website or cause a denial-of-service (DoS) condition, and obtain sensitive information depending on settings. | |||||
| CVE-2023-27507 | 1 Microengine | 1 Mailform | 2023-05-30 | N/A | 9.8 CRITICAL |
| MicroEngine Mailform version 1.1.0 to 1.1.8 contains a path traversal vulnerability. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it. | |||||
| CVE-2021-41072 | 2 Debian, Squashfs-tools Project | 2 Debian Linux, Squashfs-tools | 2023-05-30 | 5.8 MEDIUM | 8.1 HIGH |
| squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem. | |||||
| CVE-2023-2825 | 1 Gitlab | 1 Gitlab | 2023-05-29 | N/A | 7.5 HIGH |
| An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups. | |||||
| CVE-2022-36328 | 1 Westerndigital | 17 My Cloud, My Cloud Dl2100, My Cloud Dl4100 and 14 more | 2023-05-27 | N/A | 4.9 MEDIUM |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to create arbitrary shares on arbitrary directories and exfiltrate sensitive files, passwords, users and device configurations was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This can only be exploited once an attacker gains root privileges on the devices using an authentication bypass issue or another vulnerability.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191; My Cloud OS 5: before 5.26.202. | |||||
| CVE-2023-27067 | 1 Sitecore | 1 Experience Platform | 2023-05-27 | N/A | 7.5 HIGH |
| Directory Traversal vulnerability in Sitecore Experience Platform through 10.2 allows remote attackers to download arbitrary files via crafted command to download.aspx | |||||
| CVE-2023-27066 | 1 Sitecore | 1 Experience Platform | 2023-05-27 | N/A | 6.5 MEDIUM |
| Directory Traversal vulnerability in Site Core Experience Platform 10.2 and earlier allows authenticated remote attackers to download arbitrary files via Urlhandle. | |||||
| CVE-2023-32322 | 1 Ombi | 1 Ombi | 2023-05-26 | N/A | 4.9 MEDIUM |
| Ombi is an open source application which allows users to request specific media from popular self-hosted streaming servers. Versions prior to 4.38.2 contain an arbitrary file read vulnerability where an Ombi administrative user may access files available to the Ombi server process on the host operating system. Ombi administrators may not always be local system administrators and so this may violate the security expectations of the system. The arbitrary file read vulnerability was present in `ReadLogFile` and `Download` endpoints in `SystemControllers.cs` as the parameter `logFileName` is not sanitized before being combined with the `Logs` directory. When using `Path.Combine(arg1, arg2, arg3)`, an attacker may be able to escape to folders/files outside of `Path.Combine(arg1, arg2)` by using ".." in `arg3`. In addition, by specifying an absolute path for `arg3`, `Path.Combine` will completely ignore the first two arguments and just return just `arg3`. This vulnerability can lead to information disclosure. The Ombi `documentation` suggests running Ombi as a Service with Administrator privileges. An attacker targeting such an application may be able to read the files of any Windows user on the host machine and certain system files. This issue has been addressed in commit `b8a8f029` and in release version 4.38.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as GHSL-2023-088. | |||||
| CVE-2023-30199 | 1 Webbax | 1 Customexporter | 2023-05-26 | N/A | 7.5 HIGH |
| Prestashop customexporter <= 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php. | |||||
| CVE-2023-31904 | 1 Savysoda | 1 Wifi Hd Wireless Disk Drive | 2023-05-25 | N/A | 7.5 HIGH |
| savysoda Wifi HD Wireless Disk Drive 11 is vulnerable to Local File Inclusion. | |||||
| CVE-2023-32767 | 1 Symcon | 1 Ip Symcon | 2023-05-25 | N/A | 7.5 HIGH |
| The web interface of Symcon IP-Symcon before 6.3 (i.e., before 2023-05-12) allows a remote attacker to read sensitive files via .. directory-traversal sequences in the URL. | |||||
| CVE-2023-31131 | 1 Vmware | 1 Greenplum Database | 2023-05-25 | N/A | 9.1 CRITICAL |
| Greenplum Database (GPDB) is an open source data warehouse based on PostgreSQL. In versions prior to 6.22.3 Greenplum Database used an unsafe methods to extract tar files within GPPKGs. greenplum-db is vulnerable to path traversal leading to arbitrary file writes. An attacker can use this vulnerability to overwrite data or system files potentially leading to crash or malfunction of the system. Any files which are accessible to the running process are at risk. All users are requested to upgrade to Greenplum Database version 6.23.2 or higher. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-2196 | 1 Jenkins | 1 Code Dx | 2023-05-25 | N/A | 4.3 MEDIUM |
| A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system. | |||||
| CVE-2023-32309 | 1 Pymdown Extensions Project | 1 Pymdown Extensions | 2023-05-25 | N/A | 7.5 HIGH |
| PyMdown Extensions is a set of extensions for the `Python-Markdown` markdown project. In affected versions an arbitrary file read is possible when using include file syntax. By using the syntax `--8<--"/etc/passwd"` or `--8<--"/proc/self/environ"` the content of these files will be rendered in the generated documentation. Additionally, a path relative to a specified, allowed base path can also be used to render the content of a file outside the specified base paths: `--8<-- "../../../../etc/passwd"`. Within the Snippets extension, there exists a `base_path` option but the implementation is vulnerable to Directory Traversal. The vulnerable section exists in `get_snippet_path(self, path)` lines 155 to 174 in snippets.py. Any readable file on the host where the plugin is executing may have its content exposed. This can impact any use of Snippets that exposes the use of Snippets to external users. It is never recommended to use Snippets to process user-facing, dynamic content. It is designed to process known content on the backend under the control of the host, but if someone were to accidentally enable it for user-facing content, undesired information could be exposed. This issue has been addressed in version 10.0. Users are advised to upgrade. Users unable to upgrade may restrict relative paths by filtering input. | |||||