Total
6515 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-29373 | 1 Linux | 1 Linux Kernel | 2024-08-04 | 6.5 Medium |
An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d. | ||||
CVE-2020-29166 | 1 Rainbowfishsoftware | 1 Pacsone Server | 2024-08-04 | 7.5 High |
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by file read/manipulation, which can result in remote information disclosure. | ||||
CVE-2020-28993 | 1 Atx | 2 Minicmts200a, Minicmts200a Firmware | 2024-08-04 | 7.5 High |
A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadband Gateway through 2.0 and Pico CMTS through 2.0. Successful exploitation of this vulnerability would allow an unauthenticated attacker to retrieve administrator credentials by sending a malicious POST request. | ||||
CVE-2020-29134 | 1 Totvs | 1 Fluig | 2024-08-04 | 8.6 High |
The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4 | ||||
CVE-2020-29050 | 2 Debian, Sphinxsearch | 2 Debian Linux, Sphinx | 2024-08-04 | 7.5 High |
SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal (in conjunction with CVE-2019-14511) because the mysql client can be used for CALL SNIPPETS and load_file operations on a full pathname (e.g., a file in the /etc directory). NOTE: this is unrelated to CMUSphinx. | ||||
CVE-2020-29026 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2024-08-04 | 9 Critical |
A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in the Linux file system. This issue affects: GateManager all versions prior to 9.2c. | ||||
CVE-2020-28574 | 1 Trendmicro | 1 Worry-free Business Security | 2024-08-04 | 7.5 High |
A unauthenticated path traversal arbitrary remote file deletion vulnerability in Trend Micro Worry-Free Business Security 10 SP1 could allow an unauthenticated attacker to exploit the vulnerability and modify or delete arbitrary files on the product's management console. | ||||
CVE-2020-28348 | 1 Hashicorp | 1 Nomad | 2024-08-04 | 6.5 Medium |
HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, and 0.10.8. | ||||
CVE-2020-28374 | 4 Debian, Fedoraproject, Linux and 1 more | 9 Debian Linux, Fedora, Linux Kernel and 6 more | 2024-08-04 | 8.1 High |
In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. The attacker gains control over file access because I/O operations are proxied via an attacker-selected backstore. | ||||
CVE-2020-28337 | 1 Microweber | 1 Microweber | 2024-08-04 | 7.2 High |
A directory traversal issue in the Utils/Unzip module in Microweber through 1.1.20 allows an authenticated attacker to gain remote code execution via the backup restore feature. To exploit the vulnerability, an attacker must have the credentials of an administrative user, upload a maliciously constructed ZIP file with file paths including relative paths (i.e., ../../), move this file into the backup directory, and execute a restore on this file. | ||||
CVE-2020-28187 | 1 Terra-master | 1 Tos | 2024-08-04 | 9.8 Critical |
Multiple directory traversal vulnerabilities in TerraMaster TOS <= 4.2.06 allow remote authenticated attackers to read, edit or delete any file within the filesystem via the (1) filename parameter to /tos/index.php?editor/fileGet, Event parameter to /include/ajax/logtable.php, or opt parameter to /include/core/index.php. | ||||
CVE-2020-27993 | 1 Hrsale | 1 Hrsale | 2024-08-04 | 5.3 Medium |
Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files. | ||||
CVE-2020-27994 | 1 Solarwinds | 1 Serv-u | 2024-08-04 | 6.5 Medium |
SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal. | ||||
CVE-2020-27896 | 1 Apple | 2 Mac Os X, Macos | 2024-08-04 | 5.5 Medium |
A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1. A remote attacker may be able to modify the file system. | ||||
CVE-2020-27859 | 1 Nec | 1 Esmpro Manager | 2024-08-04 | 7.5 High |
This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetEuaLogDownloadAction class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-9607. | ||||
CVE-2020-27870 | 1 Solarwinds | 1 Orion Platform | 2024-08-04 | 6.5 Medium |
This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform 2020.2.1. Authentication is required to exploit this vulnerability. The specific flaw exists within ExportToPDF.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-11917. | ||||
CVE-2020-27871 | 1 Solarwinds | 1 Orion Platform | 2024-08-04 | 7.2 High |
This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within VulnerabilitySettings.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11902. | ||||
CVE-2020-27730 | 2 F5, Netapp | 2 Nginx Controller, Cloud Backup | 2024-08-04 | 9.8 Critical |
In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities. | ||||
CVE-2020-27637 | 1 R-project | 1 Cran | 2024-08-04 | 9.8 Critical |
The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the install.packages() function from the interpreter. Update to version 4.0.3 | ||||
CVE-2020-27553 | 1 Basetech | 2 Ge-131 Bt-1837836, Ge-131 Bt-1837836 Firmware | 2024-08-04 | 7.5 High |
In BASETech GE-131 BT-1837836 firmware 20180921, the web-server on the system is configured with the option “DocumentRoot /etc“. This allows an attacker with network access to the web-server to download any files from the “/etc” folder without authentication. No path traversal sequences are needed to exploit this vulnerability. |