Total
6553 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-35975 | 1 Arubanetworks | 14 Arubaos, Mc-va-10, Mc-va-1k and 11 more | 2024-08-02 | 6.5 Medium |
An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system. | ||||
CVE-2023-35881 | 2024-08-02 | 7.6 High | ||
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WooCommerce WooCommerce One Page Checkout allows PHP Local File Inclusion.This issue affects WooCommerce One Page Checkout: from n/a through 2.3.0. | ||||
CVE-2023-35852 | 1 Oisf | 1 Suricata | 2024-08-02 | 7.5 High |
In Suricata before 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring allow-absolute-filenames and allow-write (in the datasets rules configuration section) if an installation requires traversal/writing in this situation. | ||||
CVE-2023-35840 | 1 Std42 | 1 Elfinder | 2024-08-02 | 6.5 Medium |
_joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector. | ||||
CVE-2023-35843 | 1 Nocodb | 1 Nocodb | 2024-08-02 | 7.5 High |
NocoDB through 0.106.0 (or 0.109.1) has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, including configuration files, source code, and other sensitive information. | ||||
CVE-2023-35801 | 1 Safe | 1 Fme Server | 2024-08-02 | 8.1 High |
A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editing a network-based resource connection, resulting in the unauthorized reading and writing of arbitrary files. Successful exploitation requires an attacker to have access to a user account with write privileges. FME Flow 2023.0 is also a fixed version. | ||||
CVE-2023-35844 | 1 Lightdash | 1 Lightdash | 2024-08-02 | 7.5 High |
packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension (.csv or .png) is used. | ||||
CVE-2023-35670 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-35169 | 1 Webklex | 1 Php-imap | 2024-08-02 | 9.1 Critical |
PHP-IMAP is a wrapper for common IMAP communication without the need to have the php-imap module installed / enabled. Prior to version 5.3.0, an unsanitized attachment filename allows any unauthenticated user to leverage a directory traversal vulnerability, which results in a remote code execution vulnerability. Every application that stores attachments with `Attachment::save()` without providing a `$filename` or passing unsanitized user input is affected by this attack. An attacker can send an email with a malicious attachment to the inbox, which gets crawled with `webklex/php-imap` or `webklex/laravel-imap`. Prerequisite for the vulnerability is that the script stores the attachments without providing a `$filename`, or providing an unsanitized `$filename`, in `src/Attachment::save(string $path, string $filename = null)`. In this case, where no `$filename` gets passed into the `Attachment::save()` method, the package would use a series of unsanitized and insecure input values from the mail as fallback. Even if a developer passes a `$filename` into the `Attachment::save()` method, e.g. by passing the name or filename of the mail attachment itself (from email headers), the input values never get sanitized by the package. There is also no restriction about the file extension (e.g. ".php") or the contents of a file. This allows an attacker to upload malicious code of any type and content at any location where the underlying user has write permissions. The attacker can also overwrite existing files and inject malicious code into files that, e.g. get executed by the system via cron or requests. Version 5.3.0 contains a patch for this issue. | ||||
CVE-2023-35069 | 1 Biges | 1 Bullwark Momentum Series | 2024-08-02 | 7.5 High |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bullwark allows Path Traversal.This issue affects Bullwark: before BLW-2016E-960H. | ||||
CVE-2023-35020 | 3 Ibm, Linux, Microsoft | 5 Aix, Linux On Ibm Z, Sterling Control Center and 2 more | 2024-08-02 | 5.4 Medium |
IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257874. | ||||
CVE-2023-34843 | 1 Traggo | 1 Traggo | 2024-08-02 | 7.5 High |
Traggo Server 0.3.0 is vulnerable to directory traversal via a crafted GET request. | ||||
CVE-2023-34880 | 1 Cmseasy | 1 Cmseasy | 2024-08-02 | 9.8 Critical |
cmseasy v7.7.7.7 20230520 was discovered to contain a path traversal vulnerability via the add_action method at lib/admin/language_admin.php. This vulnerability allows attackers to execute arbitrary code and perform a local file inclusion. | ||||
CVE-2023-34865 | 2 Linux, Ujcms | 2 Linux Kernel, Ujcms | 2024-08-02 | 9.8 Critical |
Directory traversal vulnerability in ujcms 6.0.2 allows attackers to move files via the rename feature. | ||||
CVE-2023-34939 | 1 Onlyoffice | 1 Onlyoffice | 2024-08-02 | 9.8 Critical |
Onlyoffice Community Server before v12.5.2 was discovered to contain a remote code execution (RCE) vulnerability via the component UploadProgress.ashx. | ||||
CVE-2023-34598 | 1 Gibbonedu | 1 Gibbon | 2024-08-02 | 9.8 Critical |
Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) where it's possible to include the content of several files present in the installation folder in the server's response. | ||||
CVE-2023-34407 | 1 Harbingergroup | 1 Office Player | 2024-08-02 | 7.5 High |
OfflinePlayerService.exe in Harbinger Offline Player 4.0.6.0.2 allows directory traversal as LocalSystem via ..\ in a URL. | ||||
CVE-2023-34345 | 1 Ami | 1 Megarac Sp-x | 2024-08-02 | 6.5 Medium |
AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can access arbitrary files, which may lead to information disclosure. | ||||
CVE-2023-34409 | 1 Percona | 1 Monitoring And Management | 2024-08-02 | 9.8 Critical |
In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanitize URL paths to reject path traversal attempts. This allows an unauthenticated remote user, when a crafted POST request is made against unauthenticated API routes, to access otherwise protected API routes leading to escalation of privileges and information disclosure. | ||||
CVE-2023-34342 | 1 Ami | 1 Megarac Sp-x | 2024-08-02 | 6 Medium |
AMI BMC contains a vulnerability in the IPMI handler, where an attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, or data tampering. |