Total
6484 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-4384 | 1 Apple | 1 Iphone Os | 2024-08-06 | N/A |
Directory traversal vulnerability in the App Installation feature in Apple iOS before 8 allows local users to install unverified apps by triggering code-signature validation of an unintended bundle. | ||||
CVE-2014-3914 | 1 Rocketsoftware | 1 Rocket Servergraph | 2024-08-06 | N/A |
Directory traversal vulnerability in the Admin Center for Tivoli Storage Manager (TSM) in Rocket ServerGraph 1.2 allows remote attackers to (1) create arbitrary files via a .. (dot dot) in the query parameter in a writeDataFile action to the fileRequestor servlet, execute arbitrary files via a .. (dot dot) in the query parameter in a (2) run or (3) runClear action to the fileRequestor servlet, (4) read arbitrary files via a readDataFile action to the fileRequestor servlet, (5) execute arbitrary code via a save_server_groups action to the userRequest servlet, or (6) delete arbitrary files via a del action in the fileRequestServlet servlet. | ||||
CVE-2014-3972 | 1 Apexis | 2 Apm-j601-ws, Apm-j601-ws Firmware | 2024-08-06 | N/A |
Directory traversal vulnerability in Apexis APM-J601-WS cameras with firmware before 17.35.2.49 allows remote attackers to read arbitrary files via unspecified vectors. | ||||
CVE-2014-3855 | 1 Pyplate | 1 Pyplate | 2024-08-06 | N/A |
Directory traversal vulnerability in download.py in Pyplate 0.08 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | ||||
CVE-2014-3865 | 1 Debian | 1 Dpkg-dev | 2024-08-06 | N/A |
Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intended directories via a source package with a crafted Index: pseudo-header in conjunction with (1) missing --- and +++ header lines or (2) a +++ header line with a blank pathname. | ||||
CVE-2014-3864 | 1 Debian | 1 Dpkg-dev | 2024-08-06 | N/A |
Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header line. | ||||
CVE-2014-3777 | 1 Reportico | 1 Php Report Designer | 2024-08-06 | N/A |
Directory traversal vulnerability in Reportico PHP Report Designer before 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the xmlin parameter. | ||||
CVE-2014-3806 | 1 Vmturbo | 1 Operations Manager | 2024-08-06 | N/A |
Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the xml_path parameter. | ||||
CVE-2014-3744 | 1 Nodejs | 1 Node.js | 2024-08-06 | N/A |
Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in an unspecified path. | ||||
CVE-2014-3697 | 1 Pidgin | 1 Pidgin | 2024-08-06 | N/A |
Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin before 2.10.10 on Windows allows remote attackers to write to arbitrary files via a drive name in a tar archive of a smiley theme. | ||||
CVE-2014-3578 | 2 Pivotal Software, Redhat | 5 Spring Framework, Jboss Bpms, Jboss Brms and 2 more | 2024-08-06 | N/A |
Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL. | ||||
CVE-2014-3664 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2024-08-06 | N/A |
Directory traversal vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Overall/READ permission to read arbitrary files via unspecified vectors. | ||||
CVE-2014-3641 | 2 Openstack, Redhat | 2 Cinder, Openstack | 2024-08-06 | N/A |
The (1) GlusterFS and (2) Linux Smbfs drivers in OpenStack Cinder before 2014.1.3 allows remote authenticated users to obtain file data from the Cinder-volume host by cloning and attaching a volume with a crafted qcow2 header. | ||||
CVE-2014-3702 | 1 Redhat | 1 Edeploy | 2024-08-06 | N/A |
Directory traversal vulnerability in eNovance eDeploy allows remote attackers to create arbitrary directories and files and consequently cause a denial of service (resource consumption) via a .. (dot dot) the session parameter. | ||||
CVE-2014-3625 | 3 Pivotal Software, Redhat, Vmware | 7 Spring Framework, Jboss Amq, Jboss Bpms and 4 more | 2024-08-06 | N/A |
Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling. | ||||
CVE-2014-3460 | 1 Microfocus | 2 Sentinel, Sentinel Agent Manager | 2024-08-06 | N/A |
Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted pathname. | ||||
CVE-2014-3340 | 1 Cisco | 1 Webex Meetmenow | 2024-08-06 | N/A |
Directory traversal vulnerability in an unspecified PHP script in the server in Cisco WebEx MeetMeNow allows remote authenticated users to read arbitrary files via a crafted request, aka Bug ID CSCuo16166. | ||||
CVE-2014-3317 | 1 Cisco | 1 Unified Communications Manager | 2024-08-06 | N/A |
Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314. | ||||
CVE-2014-3323 | 1 Cisco | 1 Unified Contact Center Enterprise | 2024-08-06 | N/A |
Directory traversal vulnerability in Cisco Unified Contact Center Enterprise allows remote authenticated users to read arbitrary web-root files via a crafted URL, aka Bug ID CSCun25262. | ||||
CVE-2014-3319 | 1 Cisco | 1 Unified Communications Manager | 2024-08-06 | N/A |
Directory traversal vulnerability in the Real-Time Monitoring Tool (RTMT) in Cisco Unified Communications Manager (CM) 10.0(1) allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup57676. |