Total
186 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-37913 | 1 Xwiki | 1 Xwiki | 2024-11-21 | N/A | 9.9 CRITICAL |
| XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 3.5-milestone-1 and prior to versions 14.10.8 and 15.3-rc-1, triggering the office converter with a specially crafted file name allows writing the attachment's content to an attacker-controlled location on the server as long as the Java process has write access to that location. In particular in the combination with attachment moving, a feature introduced in XWiki 14.0, this is easy to reproduce but it also possible to reproduce in versions as old as XWiki 3.5 by uploading the attachment through the REST API which doesn't remove `/` or `\` from the filename. As the mime type of the attachment doesn't matter for the exploitation, this could e.g., be used to replace the `jar`-file of an extension which would allow executing arbitrary Java code and thus impact the confidentiality, integrity and availability of the XWiki installation. This vulnerability has been patched in XWiki 14.10.8 and 15.3RC1. There are no known workarounds apart from disabling the office converter. | |||||
| CVE-2023-34117 | 1 Zoom | 1 Zoom Software Development Kit | 2024-11-21 | N/A | 3.3 LOW |
| Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access. | |||||
| CVE-2023-33144 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | N/A | 6.6 MEDIUM |
| Visual Studio Code Spoofing Vulnerability | |||||
| CVE-2023-2356 | 1 Lfprojects | 1 Mlflow | 2024-11-21 | N/A | 7.5 HIGH |
| Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1. | |||||
| CVE-2023-23391 | 1 Microsoft | 1 Office | 2024-11-21 | N/A | 5.5 MEDIUM |
| Office for Android Spoofing Vulnerability | |||||
| CVE-2023-23379 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | N/A | 7.8 HIGH |
| Microsoft Defender for IoT Elevation of Privilege Vulnerability | |||||
| CVE-2023-1112 | 1 Drag And Drop Multiple File Uploader Pro - Contact Form 7 Project | 1 Drag And Drop Multiple File Uploader Pro - Contact Form 7 | 2024-11-21 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1. It has been classified as critical. Affected is an unknown function of the file admin-ajax.php. The manipulation of the argument upload_name leads to relative path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222072. | |||||
| CVE-2023-0745 | 1 Yugabyte | 1 Yugabytedb Managed | 2024-11-21 | N/A | 6.7 MEDIUM |
| The High Availability functionality of Yugabyte Anywhere can be abused to write arbitrary files through the backup upload endpoint by using path traversal characters. This vulnerability is associated with program files PlatformReplicationManager.Java. This issue affects YugabyteDB Anywhere: from 2.0.0.0 through 2.13.0.0 | |||||
| CVE-2022-38205 | 1 Esri | 1 Portal For Arcgis | 2024-11-21 | N/A | 8.6 HIGH |
| In some non-default installations of Esri Portal for ArcGIS versions 10.9.1 and below, a directory traversal issue may allow a remote, unauthenticated attacker to traverse the file system and lead to the disclosure of sensitive data (not customer-published content). | |||||
| CVE-2022-38202 | 1 Esri | 1 Arcgis Server | 2024-11-21 | N/A | 7.5 HIGH |
| There is a path traversal vulnerability in Esri ArcGIS Server versions 10.9.1 and below. Successful exploitation may allow a remote, unauthenticated attacker traverse the file system to access files outside of the intended directory on ArcGIS Server. This could lead to the disclosure of sensitive site configuration information (not user datasets). | |||||
| CVE-2022-31163 | 2 Debian, Tzinfo Project | 2 Debian Linux, Tzinfo | 2024-11-21 | N/A | 7.5 HIGH |
| TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior to 1.2.10 when used with the Ruby data source tzinfo-data, are vulnerable to relative path traversal. With the Ruby data source, time zones are defined in Ruby files. There is one file per time zone. Time zone files are loaded with `require` on demand. In the affected versions, `TZInfo::Timezone.get` fails to validate time zone identifiers correctly, allowing a new line character within the identifier. With Ruby version 1.9.3 and later, `TZInfo::Timezone.get` can be made to load unintended files with `require`, executing them within the Ruby process. Versions 0.3.61 and 1.2.10 include fixes to correctly validate time zone identifiers. Versions 2.0.0 and later are not vulnerable. Version 0.3.61 can still load arbitrary files from the Ruby load path if their name follows the rules for a valid time zone identifier and the file has a prefix of `tzinfo/definition` within a directory in the load path. Applications should ensure that untrusted files are not placed in a directory on the load path. As a workaround, the time zone identifier can be validated before passing to `TZInfo::Timezone.get` by ensuring it matches the regular expression `\A[A-Za-z0-9+\-_]+(?:\/[A-Za-z0-9+\-_]+)*\z`. | |||||
| CVE-2022-2922 | 1 Dnnsoftware | 1 Dotnetnuke | 2024-11-21 | N/A | 4.9 MEDIUM |
| Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0. | |||||
| CVE-2022-29844 | 1 Westerndigital | 16 My Cloud Dl2100, My Cloud Dl2100 Firmware, My Cloud Dl4100 and 13 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| A vulnerability in the FTP service of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to read and write arbitrary files. This could lead to a full NAS compromise and would give remote execution capabilities to the attacker. | |||||
| CVE-2022-28814 | 1 Gavazziautomation | 3 Cpy Car Park Server, Uwp 3.0 Monitoring Gateway And Controller, Uwp 3.0 Monitoring Gateway And Controller Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered to be vulnerable to a relative path traversal vulnerability which enables remote attackers to read arbitrary files and gain full control of the device. | |||||
| CVE-2021-41178 | 1 Nextcloud | 1 Server | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, a file traversal vulnerability makes an attacker able to download arbitrary SVG images from the host system, including user provided files. This could also be leveraged into a XSS/phishing attack, an attacker could upload a malicious SVG file that mimics the Nextcloud login form and send a specially crafted link to victims. The XSS risk here is mitigated due to the fact that Nextcloud employs a strict Content-Security-Policy disallowing execution of arbitrary JavaScript. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5 or 22.2.0. There are no known workarounds aside from upgrading. | |||||
| CVE-2021-41127 | 1 Rasa | 1 Rasa | 2024-11-21 | 5.8 MEDIUM | 7.3 HIGH |
| Rasa is an open source machine learning framework to automate text-and voice-based conversations. In affected versions a vulnerability exists in the functionality that loads a trained model `tar.gz` file which allows a malicious actor to craft a `model.tar.gz` file which can overwrite or replace bot files in the bot directory. The vulnerability is fixed in Rasa 2.8.10. For users unable to update ensure that users do not upload untrusted model files, and restrict CLI or API endpoint access where a malicious actor could target a deployed Rasa instance. | |||||
| CVE-2021-34605 | 1 Xinje | 1 Xd\/e Series Plc Program Tool | 2024-11-21 | 6.0 MEDIUM | 7.3 HIGH |
| A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by initiating an upload program request from an infected Xinje PLC. This can result in remote code execution, information disclosure and denial of service of the system running the XINJE XD/E Series PLC Program Tool. | |||||
| CVE-2021-29488 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2024-11-21 | 5.0 MEDIUM | 4.3 MEDIUM |
| SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the `filesystem.renamer()` function into writing downloaded files outside the configured Download Folder via malicious PAR2 files. A patch was released as part of SABnzbd 3.2.1RC1. As a workaround, limit downloads to NZBs without PAR2 files, deny write permissions to the SABnzbd process outside areas it must access to perform its job, or update to a fixed version. | |||||
| CVE-2021-22281 | 1 Br-automation | 1 Automation Studio | 2024-11-21 | N/A | 6.3 MEDIUM |
| : Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12. | |||||
| CVE-2020-25172 | 1 Bbraun | 1 Onlinesuite Application Package | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows unauthenticated attackers to upload or download arbitrary files. | |||||