Total
64 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-29053 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | N/A | 8.8 HIGH |
Microsoft Defender for IoT Remote Code Execution Vulnerability | |||||
CVE-2024-28806 | 2024-11-21 | N/A | 7.5 HIGH | ||
An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. Remote unauthenticated attackers can upload files at an arbitrary path. | |||||
CVE-2024-20401 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system. This vulnerability is due to improper handling of email attachments when file analysis and content filters are enabled. An attacker could exploit this vulnerability by sending an email that contains a crafted attachment through an affected device. A successful exploit could allow the attacker to replace any file on the underlying file system. The attacker could then perform any of the following actions: add users with root privileges, modify the device configuration, execute arbitrary code, or cause a permanent denial of service (DoS) condition on the affected device. Note: Manual intervention is required to recover from the DoS condition. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition. | |||||
CVE-2023-5390 | 1 Honeywell | 4 Controledge Unit Operations Controller, Controledge Unit Operations Controller Firmware, Controledge Virtual Unit Operations Controller and 1 more | 2024-11-21 | N/A | 5.3 MEDIUM |
An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. This exploit could be used to read files from the controller that may expose limited information from the device. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning. | |||||
CVE-2023-5022 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 5.2 MEDIUM | 5.5 MEDIUM |
A vulnerability has been found in DedeCMS up to 5.7.100 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /include/dialog/select_templets_post.php. The manipulation of the argument activepath leads to absolute path traversal. The associated identifier of this vulnerability is VDB-239863. | |||||
CVE-2023-41830 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
An improper absolute path traversal vulnerability was reported for the Ready For application allowing a local application access to files without authorization. | |||||
CVE-2023-40597 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-11-21 | N/A | 7.8 HIGH |
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk. | |||||
CVE-2023-3765 | 2 Lfprojects, Microsoft | 2 Mlflow, Windows | 2024-11-21 | N/A | 10.0 CRITICAL |
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0. | |||||
CVE-2023-36786 | 1 Microsoft | 1 Skype For Business Server | 2024-11-21 | N/A | 7.2 HIGH |
Skype for Business Remote Code Execution Vulnerability | |||||
CVE-2023-33871 | 1 Iagona | 1 Scrutisweb | 2024-11-21 | N/A | 7.5 HIGH |
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a directory traversal vulnerability that could allow an unauthenticated user to directly access any file outside the webroot. | |||||
CVE-2023-32054 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2024-11-21 | N/A | 7.3 HIGH |
Volume Shadow Copy Elevation of Privilege Vulnerability | |||||
CVE-2023-30970 | 1 Palantir | 2 Gotham Blackbird-witchcraft, Gotham Static-assets-servlet | 2024-11-21 | N/A | 6.5 MEDIUM |
Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system. | |||||
CVE-2023-2101 | 1 Mogublog Project | 1 Mogublog | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up to 5.2. This issue affects the function uploadPictureByUrl of the file /mogu-picture/file/uploadPicsByUrl. The manipulation of the argument urlList leads to absolute path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226109 was assigned to this vulnerability. | |||||
CVE-2023-1176 | 1 Lfprojects | 1 Mlflow | 2024-11-21 | N/A | 3.3 LOW |
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2. | |||||
CVE-2021-32506 | 1 Qsan | 1 Storage Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
Absolute Path Traversal vulnerability in GetImage in QSAN Storage Manager allows remote authenticated attackers download arbitrary files via the Url path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3 . | |||||
CVE-2021-30173 | 1 Junhetec | 1 Omnidirectional Communication System | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file. | |||||
CVE-2024-10651 | 2024-11-01 | N/A | 4.9 MEDIUM | ||
IDExpert from CHANGING Information Technology does not properly validate a specific parameter in the administrator interface, allowing remote attackers with administrator privileges to exploit this vulnerability to read arbitrary system files. | |||||
CVE-2024-47883 | 1 Openrefine | 1 Butterfly | 2024-10-29 | N/A | 9.1 CRITICAL |
The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the `java.net.URL` class to refer to (what are expected to be) local resource files, like images or templates. This works: "opening a connection" to these URLs opens the local file. However, prior to version 1.2.6, if a `file:/` URL is directly given where a relative path (resource name) is expected, this is also accepted in some code paths; the app then fetches the file, from a remote machine if indicated, and uses it as if it was a trusted part of the app's codebase. This leads to multiple weaknesses and potential weaknesses. An attacker that has network access to the application could use it to gain access to files, either on the the server's filesystem (path traversal) or shared by nearby machines (server-side request forgery with e.g. SMB). An attacker that can lead or redirect a user to a crafted URL belonging to the app could cause arbitrary attacker-controlled JavaScript to be loaded in the victim's browser (cross-site scripting). If an app is written in such a way that an attacker can influence the resource name used for a template, that attacker could cause the app to fetch and execute an attacker-controlled template (remote code execution). Version 1.2.6 contains a patch. | |||||
CVE-2024-45290 | 1 Phpoffice | 1 Phpspreadsheet | 2024-10-16 | N/A | 7.5 HIGH |
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file which links media from external URLs. When opening the XLSX file, PhpSpreadsheet retrieves the image size and type by reading the file contents, if the provided path is a URL. By using specially crafted `php://filter` URLs an attacker can leak the contents of any file or URL. Note that this vulnerability is different from GHSA-w9xv-qf98-ccq4, and resides in a different component. An attacker can access any file on the server, or leak information form arbitrary URLs, potentially exposing sensitive information such as AWS IAM credentials. This issue has been addressed in release versions 1.29.2, 2.1.1, and 2.3.0. All users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
CVE-2024-45291 | 1 Phpoffice | 1 Phpspreadsheet | 2024-10-16 | N/A | 8.8 HIGH |
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file that links images from arbitrary paths. When embedding images has been enabled in HTML writer with `$writer->setEmbedImages(true);` those files will be included in the output as `data:` URLs, regardless of the file's type. Also URLs can be used for embedding, resulting in a Server-Side Request Forgery vulnerability. When embedding images has been enabled, an attacker can read arbitrary files on the server and perform arbitrary HTTP GET requests. Note that any PHP protocol wrappers can be used, meaning that if for example the `expect://` wrapper is enabled, also remote code execution is possible. This issue has been addressed in release versions 1.29.2, 2.1.1, and 2.3.0. All users are advised to upgrade. there are no known workarounds for this vulnerability. |