Total
6715 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45175 | 2024-11-21 | N/A | 8.8 HIGH | ||
| An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Sensitive information is stored in cleartext. It was found out that sensitive information, for example login credentials of cameras, is stored in cleartext. Thus, an attacker with filesystem access, for example exploiting a path traversal attack, has access to the login data of all configured cameras, or the configured FTP server. | |||||
| CVE-2024-44625 | 1 Gogs | 1 Gogs | 2024-11-21 | N/A | 8.8 HIGH |
| Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go. | |||||
| CVE-2024-42007 | 2024-11-21 | N/A | 5.8 MEDIUM | ||
| SPX (aka php-spx) through 0.4.15 allows SPX_UI_URI Directory Traversal to read arbitrary files. | |||||
| CVE-2024-41799 | 2024-11-21 | N/A | 8.4 HIGH | ||
| tgstation-server is a production scale tool for BYOND server management. Prior to 6.8.0, low permission users using the "Set .dme Path" privilege could potentially set malicious .dme files existing on the host machine to be compiled and executed. These .dme files could be uploaded via tgstation-server (requiring a separate, isolated privilege) or some other means. A server configured to execute in BYOND's trusted security level (requiring a third separate, isolated privilege OR being set by another user) could lead to this escalating into remote code execution via BYOND's shell() proc. The ability to execute this kind of attack is a known side effect of having privileged TGS users, but normally requires multiple privileges with known weaknesses. This vector is not intentional as it does not require control over the where deployment code is sourced from and _may_ not require remote write access to an instance's `Configuration` directory. This problem is fixed in versions 6.8.0 and above. | |||||
| CVE-2024-41726 | 2024-11-21 | N/A | 7.5 HIGH | ||
| Path traversal vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this vulnerability is exploited, an arbitrary executable file may be executed by a user who can log in to the PC where the product's Windows client is installed. | |||||
| CVE-2024-41704 | 1 Librechat | 1 Librechat | 2024-11-21 | N/A | 9.8 CRITICAL |
| LibreChat through 0.7.4-rc1 does not validate the normalized pathnames of images. | |||||
| CVE-2024-41695 | 2024-11-21 | N/A | 7.5 HIGH | ||
| Cybonet - CWE-22: Improper Limitation of a Pathname to a Restricted Directory | |||||
| CVE-2024-41628 | 2024-11-21 | N/A | 7.5 HIGH | ||
| Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API. | |||||
| CVE-2024-41373 | 2024-11-21 | N/A | 6.3 MEDIUM | ||
| ICEcoder 8.1 contains a Path Traversal vulnerability via lib/backup-versions-preview-loader.php. | |||||
| CVE-2024-40629 | 1 Fit2cloud | 1 Jumpserver | 2024-11-21 | N/A | 10.0 CRITICAL |
| JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write arbitrary files, leading to remote code execution (RCE) in the Celery container. The Celery container runs as root and has database access, allowing an attacker to steal all secrets for hosts, create a new JumpServer account with admin privileges, or manipulate the database in other ways. This issue has been patched in release versions 3.10.12 and 4.0.0. It is recommended to upgrade the safe versions. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-40628 | 1 Fit2cloud | 1 Jumpserver | 2024-11-21 | N/A | 10.0 CRITICAL |
| JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the ansible playbook to read arbitrary files in the celery container, leading to sensitive information disclosure. The Celery container runs as root and has database access, allowing the attacker to steal all secrets for hosts, create a new JumpServer account with admin privileges, or manipulate the database in other ways. This issue has been addressed in release versions 3.10.12 and 4.0.0. It is recommended to upgrade the safe versions. There is no known workarounds for this vulnerability. | |||||
| CVE-2024-40617 | 1 Fujitsu | 2 Network Edgiot Gw1500, Network Edgiot Gw1500 Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a remote authenticated attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result, Administrator Class privileges of the product may be hijacked. | |||||
| CVE-2024-40550 | 1 Publiccms | 1 Publiccms | 2024-11-21 | N/A | 8.8 HIGH |
| An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of Public CMS v.4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | |||||
| CVE-2024-40524 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| Directory Traversal vulnerability in xmind2testcase v.1.5 allows a remote attacker to execute arbitrary code via the webtool\application.py component. | |||||
| CVE-2024-40348 | 2024-11-21 | N/A | 8.2 HIGH | ||
| An issue in the component /api/swaggerui/static of Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. | |||||
| CVE-2024-40051 | 1 Ip-guard | 1 Ip-guard | 2024-11-21 | N/A | 7.5 HIGH |
| IP Guard v4.81.0307.0 was discovered to contain an arbitrary file read vulnerability via the file name parameter. | |||||
| CVE-2024-3934 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to Path Traversal in versions 7.3.0 to 7.5.1 via the mercadopagoDownloadLog function. This makes it possible for authenticated attackers, with subscriber-level access and above, to download and read the contents of arbitrary files on the server, which can contain sensitive information. The arbitrary file download was patched in 7.5.1, while the missing authorization was corrected in version 7.6.2. | |||||
| CVE-2024-3783 | 2024-11-21 | N/A | 7.7 HIGH | ||
| The Backup Agents section in WBSAirback 21.02.04 is affected by a Path Traversal vulnerability, allowing a user with low privileges to download files from the system. | |||||
| CVE-2024-3737 | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM | ||
| A vulnerability was found in cym1102 nginxWebUI up to 3.9.9. It has been rated as critical. Affected by this issue is the function findCountByQuery of the file /adminPage/www/addOver. The manipulation of the argument dir leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260576. | |||||
| CVE-2024-3571 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| langchain-ai/langchain is vulnerable to path traversal due to improper limitation of a pathname to a restricted directory ('Path Traversal') in its LocalFileStore functionality. An attacker can leverage this vulnerability to read or write files anywhere on the filesystem, potentially leading to information disclosure or remote code execution. The issue lies in the handling of file paths in the mset and mget methods, where user-supplied input is not adequately sanitized, allowing directory traversal sequences to reach unintended directories. | |||||