Total: 8483 CVEs
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2024-1703 | 1 Crmeb | 1 Crmeb | 2025-01-03 | 2.7 LOW | 3.5 LOW | A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254391. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2024-1704 | 1 Crmeb | 1 Crmeb | 2025-01-03 | 5.2 MEDIUM | 5.5 MEDIUM | A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been declared as critical. This vulnerability affects the function save/delete of the file /adminapi/system/crud. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-254392. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2024-12830 | 1 Arista | 1 Ng Firewall | 2025-01-03 | N/A | 7.3 HIGH | Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the custom_handler method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the www-data user. Was ZDI-CAN-24019. |
| CVE-2023-34865 | 2 Linux, Ujcms | 2 Linux Kernel, Ujcms | 2025-01-03 | N/A | 9.8 CRITICAL | Directory traversal vulnerability in ujcms 6.0.2 allows attackers to move files via the rename feature. |
| CVE-2021-43783 | 1 Linuxfoundation | 1 Backstage | 2025-01-03 | 5.5 MEDIUM | 8.5 HIGH | @backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. In affected versions a malicious actor with write access to a registered scaffolder template is able to manipulate the template in a way that writes files to arbitrary paths on the scaffolder-backend host instance. This vulnerability can in some situations also be exploited through user input when executing a template, meaning you do not need write access to the templates. This method will not allow the attacker to control the contents of the injected file, however, unless the template is also crafted in a specific way that gives control of the file contents. This vulnerability is fixed in version `0.15.14` of the `@backstage/plugin-scaffolder-backend`. This attack is mitigated by restricting access and requiring reviews when registering or modifying scaffolder templates. |
| CVE-2024-45816 | 1 Linuxfoundation | 1 Backstage | 2025-01-03 | N/A | 6.5 MEDIUM | Backstage is an open framework for building developer portals. When using the AWS S3 or GCS storage provider for TechDocs it is possible to access content in the entire storage bucket. This can leak contents of the bucket that are not intended to be accessible, as well as bypass permission checks in Backstage. This has been fixed in the 1.10.13 release of the `@backstage/plugin-techdocs-backend` package. All users are advised to upgrade. There are no known workarounds for this vulnerability. |
| CVE-2024-45401 | 1 Stripe | 1 Stripe Cli | 2025-01-02 | N/A | 7.5 HIGH | stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a manifest with a malformed plugin shortname, installed using the --archive-url or --archive-path flags, can overwrite arbitrary files. The update in version 1.21.3 addresses the path traversal vulnerability by removing the ability to install plugins from an archive URL or path. There has been no evidence of exploitation of this vulnerability. |
| CVE-2023-29200 | 1 Contao | 1 Contao | 2025-01-02 | N/A | 4.3 MEDIUM | Contao is an open source content management system. Prior to versions 4.9.40, 4.13.21, and 5.1.4, logged in users can list arbitrary system files in the file manager by manipulating the Ajax request. However, it is not possible to read the contents of these files. Users should update to Contao 4.9.40, 4.13.21 or 5.1.4 to receive a patch. There are no known workarounds. |
| CVE-2024-0113 | 1 Nvidia | 8 Mga100-hs2, Mlnx-gw, Mlnx-os and 5 more | 2024-12-26 | N/A | 7.5 HIGH | NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. A successful exploit of this vulnerability might lead to escalation of privileges and information disclosure. |
| CVE-2024-7565 | 1 Smartbear | 1 Soapui | 2024-12-19 | N/A | 7.8 HIGH | SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the unpackageAll function. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-19060. |
| CVE-2024-41922 | 1 Veertu | 1 Anka Build Cloud | 2024-12-18 | N/A | 7.5 HIGH | A directory traversal vulnerability exists in the log files download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. |
| CVE-2024-41163 | 1 Veertu | 1 Anka Build Cloud | 2024-12-18 | N/A | 7.5 HIGH | A directory traversal vulnerability exists in the archive functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. |
| CVE-2023-34645 | 1 Jflyfox | 1 Jfinal Cms | 2024-12-17 | N/A | 7.5 HIGH | jfinal CMS 5.1.0 has an arbitrary file read vulnerability. |
| CVE-2023-42791 | 1 Fortinet | 1 Fortimanager | 2024-12-16 | N/A | 8.8 HIGH | A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0.0 through 7.0.8 and 6.4.0 through 6.4.12 and 6.2.0 through 6.2.11 allows an attacker to execute unauthorized code or commands via crafted HTTP requests. |
| CVE-2024-36362 | 1 Jetbrains | 1 Teamcity | 2024-12-16 | N/A | 6.5 MEDIUM | In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2, a path traversal allowing files to be read from the server was possible. |
| CVE-2024-12482 | 1 Cjbi | 1 Wetech-cms | 2024-12-13 | 4.0 MEDIUM | 4.3 MEDIUM | A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected by this issue is the function backup of the file wetech-cms-master\wetech-basic-common\src\main\java\tech\wetech\basic\util\BackupFileUtil.java of the component Database Backup Handler. The manipulation of the argument name leads to path traversal: '../filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2024-2434 | 1 Gitlab | 1 Gitlab | 2024-12-12 | N/A | 8.5 HIGH | An issue has been discovered in GitLab affecting all versions of GitLab CE/EE 16.9 prior to 16.9.6, 16.10 prior to 16.10.4, and 16.11 prior to 16.11.1 where path traversal could lead to DoS and restricted file read. |
| CVE-2023-35844 | 1 Lightdash | 1 Lightdash | 2024-12-12 | N/A | 7.5 HIGH | packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension (.csv or .png) is used. |
| CVE-2023-35843 | 1 Nocodb | 1 Nocodb | 2024-12-12 | N/A | 7.5 HIGH | NocoDB through 0.106.0 (or 0.109.1) has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, including configuration files, source code, and other sensitive information. |
| CVE-2023-35840 | 1 Std42 | 1 Elfinder | 2024-12-12 | N/A | 6.5 MEDIUM | _joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector. |
