Total
6519 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-1853 | 1 Huawei | 1 Gaussdb 200 | 2024-08-04 | 6.5 Medium |
| GaussDB 200 with version of 6.5.1 have a path traversal vulnerability. Due to insufficient input path validation, an authenticated attacker can traverse directories and download files to a specific directory. Successful exploit may cause information leakage. | ||||
| CVE-2020-1737 | 1 Redhat | 2 Ansible Engine, Ansible Tower | 2024-08-04 | 7.5 High |
| A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10. | ||||
| CVE-2020-1735 | 3 Debian, Fedoraproject, Redhat | 7 Debian Linux, Fedora, Ansible and 4 more | 2024-08-04 | 4.2 Medium |
| A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable. | ||||
| CVE-2020-1699 | 2 Linuxfoundation, Redhat | 2 Ceph, Ceph Storage | 2024-08-04 | 7.5 High |
| A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. An unauthenticated attacker could use this flaw to cause information disclosure on the host machine running the Ceph dashboard. | ||||
| CVE-2020-1082 | 1 Microsoft | 4 Windows 10, Windows Server, Windows Server 2016 and 1 more | 2024-08-04 | 7.8 High |
| An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1021, CVE-2020-1088. | ||||
| CVE-2020-0539 | 1 Intel | 2 Converged Security Management Engine Firmware, Trusted Execution Engine Firmware | 2024-08-04 | 5.5 Medium |
| Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access. | ||||
| CVE-2020-0520 | 1 Intel | 1 Graphics Driver | 2024-08-04 | 7.8 High |
| Path traversal in igdkmd64.sys for Intel(R) Graphics Drivers before versions 15.45.30.5103, 15.40.44.5107, 15.36.38.5117 and 15.33.49.5100 may allow an authenticated user to potentially enable escalation of privilege or denial of service via local access. | ||||
| CVE-2020-0179 | 1 Google | 1 Android | 2024-08-04 | 7.8 High |
| In doSendObjectInfo of MtpServer.cpp, there is a possible path traversal attack due to insufficient input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is required for exploitation.Product: AndroidVersions: Android-10Android ID: A-130656917 | ||||
| CVE-2021-46830 | 1 Helpsystems | 1 Goanywhere Managed File Transfer | 2024-08-04 | 6.5 Medium |
| A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or profile information to gain access to files at a higher directory level than intended. | ||||
| CVE-2021-46856 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-04 | 7.5 High |
| The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | ||||
| CVE-2021-46381 | 1 Dlink | 2 Dap-1620, Dap-1620 Firmware | 2024-08-04 | 7.5 High |
| Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized internal files reading [/etc/passwd] and [/etc/shadow]. | ||||
| CVE-2021-46417 | 1 Franklinfueling | 2 Colibri, Colibri Firmware | 2024-08-04 | 7.5 High |
| Insecure handling of a download function leads to disclosure of internal files due to path traversal with root privileges in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580. | ||||
| CVE-2021-46421 | 1 Franklinfueling | 2 Ts-550 Evo, Ts-550 Evo Firmware | 2024-08-04 | 7.5 High |
| Franklin Fueling Systems FFS T5 Series 1.8.7.7299 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information. | ||||
| CVE-2021-46420 | 1 Franklinfueling | 2 Ts-550 Evo, Ts-550 Evo Firmware | 2024-08-04 | 7.5 High |
| Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information. | ||||
| CVE-2021-46203 | 1 Taogogo | 1 Taocms | 2024-08-04 | 6.5 Medium |
| Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. | ||||
| CVE-2021-46104 | 1 Webp | 1 Webp Server Go | 2024-08-04 | 7.5 High |
| An issue was discovered in webp_server_go 0.4.0. There is a directory traversal vulnerability that can read arbitrary file information on the server. | ||||
| CVE-2021-45967 | 2 Igniterealtime, Pascom | 2 Openfire, Cloud Phone System | 2024-08-04 | 9.8 Critical |
| An issue was discovered in Pascom Cloud Phone System before 7.20.x. A configuration error between NGINX and a backend Tomcat server leads to a path traversal in the Tomcat server, exposing unintended endpoints. | ||||
| CVE-2021-45887 | 1 Ponton | 1 X\/p Messenger | 2024-08-04 | 9.8 Critical |
| An issue was discovered in PONTON X/P Messenger before 3.11.2. Due to path traversal in private/SchemaSetUpload.do for uploaded ZIP files, an executable script can be uploaded by web application administrators, giving the attacker remote code execution on the underlying server via an imgs/*.jsp URI. | ||||
| CVE-2021-45712 | 1 Rust-embed Project | 1 Rust-embed | 2024-08-04 | 7.5 High |
| An issue was discovered in the rust-embed crate before 6.3.0 for Rust. A ../ directory traversal can sometimes occur in debug mode. | ||||
| CVE-2021-45783 | 1 Bookeen | 2 Notea, Notea Firmware | 2024-08-04 | 4.6 Medium |
| Bookeen Notea Firmware BK_R_1.0.5_20210608 is affected by a directory traversal vulnerability that allows an attacker to obtain sensitive information. | ||||