Total
6481 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-8799 | 1 Dukapress | 1 Dukapress | 2024-08-06 | N/A |
| Directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in the DukaPress plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter to lib/dp_image.php. | ||||
| CVE-2014-8801 | 1 Strangerstudios | 1 Paid Memberships Pro | 2024-08-06 | N/A |
| Directory traversal vulnerability in services/getfile.php in the Paid Memberships Pro plugin before 1.7.15 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the QUERY_STRING in a getfile action to wp-admin/admin-ajax.php. | ||||
| CVE-2014-8742 | 1 Lexmark | 1 Markvision Enterprise | 2024-08-06 | 7.5 High |
| Directory traversal vulnerability in the ReportDownloadServlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2014-8737 | 4 Canonical, Fedoraproject, Gnu and 1 more | 4 Ubuntu Linux, Fedora, Binutils and 1 more | 2024-08-06 | N/A |
| Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an archive to ar. | ||||
| CVE-2014-8741 | 1 Lexmark | 1 Markvision Enterprise | 2024-08-06 | 9.8 Critical |
| Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to write to arbitrary files via unspecified vectors. | ||||
| CVE-2014-8727 | 1 F5 | 1 Big-ip Local Traffic Manager | 2024-08-06 | N/A |
| Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "Resource Administrator" or "Administrator" role to enumerate and delete arbitrary files via a .. (dot dot) in the name parameter to (1) tmui/Control/jspmap/tmui/system/archive/properties.jsp or (2) tmui/Control/form. | ||||
| CVE-2014-8704 | 1 Wondercms | 1 Wondercms | 2024-08-06 | N/A |
| Directory traversal vulnerability in index.php in Wonder CMS 2014 allows remote attackers to include and execute arbitrary local files via a crafted theme. | ||||
| CVE-2014-8676 | 1 Soplanning | 1 Soplanning | 2024-08-06 | N/A |
| Directory traversal vulnerability in the file_get_contents function in SOPlanning 1.32 and earlier allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in a URL path parameter. | ||||
| CVE-2014-8659 | 1 Sap | 1 Environment Health And Safety | 2024-08-06 | N/A |
| Directory traversal vulnerability in SAP Environment, Health, and Safety allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2014-8606 | 1 Xcloner | 1 Xcloner | 2024-08-06 | N/A |
| Directory traversal vulnerability in the XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! allows remote administrators to read arbitrary files via a .. (dot dot) in the file parameter in a json_return action in the xcloner_show page to wp-admin/admin-ajax.php. | ||||
| CVE-2014-8555 | 1 Progress | 1 Openedge | 2024-08-06 | N/A |
| Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the selection parameter. | ||||
| CVE-2014-8478 | 1 Siemens | 9 Scalance X-300, Scalance X-300 Series Firmware, Scalance X-300eec and 6 more | 2024-08-06 | N/A |
| The web server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote attackers to cause a denial of service (reboot) via malformed HTTP requests. | ||||
| CVE-2014-8360 | 1 Glpi-project | 1 Glpi | 2024-08-06 | N/A |
| Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote attackers to include and execute arbitrary local files via a .._ (dot dot underscore) in an item type to the getItemForItemtype, as demonstrated by the itemtype parameter in ajax/common.tabs.php. | ||||
| CVE-2014-8163 | 1 Redhat | 1 Satellite | 2024-08-06 | N/A |
| Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5. | ||||
| CVE-2014-8114 | 1 Redhat | 3 Jboss Bpms, Jboss Brms, Uberfire | 2024-08-06 | N/A |
| The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) execute arbitrary code by uploading crafted content to FileUploadServlet or (2) read arbitrary files via vectors involving FileDownloadServlet. | ||||
| CVE-2014-8084 | 1 Osclass | 1 Osclass | 2024-08-06 | N/A |
| Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass before 3.4.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ajaxfile parameter in a custom action. | ||||
| CVE-2014-8019 | 1 Cisco | 1 Enterprise Content Delivery System | 2024-08-06 | N/A |
| Directory traversal vulnerability in Cisco Enterprise Content Delivery System (ECDS) allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCuo90148. | ||||
| CVE-2014-7951 | 1 Google | 1 Android | 2024-08-06 | 4.6 Medium |
| Directory traversal vulnerability in the Android debug bridge (aka adb) in Android 4.0.4 allows physically proximate attackers with a direct connection to the target Android device to write to arbitrary files owned by system via a .. (dot dot) in the tar archive headers. | ||||
| CVE-2014-7985 | 1 Espocrm | 1 Espocrm | 2024-08-06 | N/A |
| Directory traversal vulnerability in EspoCRM before 2.6.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter to install/index.php. | ||||
| CVE-2014-7954 | 1 Google | 1 Android | 2024-08-06 | N/A |
| Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. (dot dot) in a name parameter of an MTP request. | ||||