Total
7129 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5480 | 1 Statichttpserver Project | 1 Statichttpserver | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A path traversal vulnerability in <= v0.9.7 of statichttpserver npm module allows attackers to list files in arbitrary folders. | |||||
| CVE-2019-5447 | 1 Http-file-server Project | 1 Http-file-server | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders. | |||||
| CVE-2019-5444 | 1 Serve-here.js Project | 1 Serve-here.js | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder. | |||||
| CVE-2019-5423 | 1 Http-live-simulator Project | 1 Http-live-simulator | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Path traversal vulnerability in http-live-simulator npm package version 1.0.5 allows arbitrary path to be accessed on the file system by a remote attacker. | |||||
| CVE-2019-5417 | 1 Zeit | 1 Serve | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A path traversal vulnerability in serve npm package version 7.0.1 allows the attackers to read content of arbitrary files on the remote server. | |||||
| CVE-2019-5416 | 1 Localhost-now Project | 1 Localhost-now | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A path traversal vulnerability in localhost-now npm package version 1.0.2 allows the attackers to read content of arbitrary files on the remote server. | |||||
| CVE-2019-5356 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5251 | 1 Huawei | 18 Enjoy 7s, Enjoy 7s Firmware, Honor 20s and 15 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. | |||||
| CVE-2019-5221 | 1 Huawei | 2 Mate 20 X, Mate 20 X Firmware | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| There is a path traversal vulnerability on Huawei Share. The software does not properly validate the path, an attacker could crafted a file path when transporting file through Huawei Share, successful exploit could allow the attacker to transport a file to arbitrary path on the phone. Affected products: Mate 20 X versions earlier than Ever-L29B 9.1.0.300(C432E3R1P12), versions earlier than Ever-L29B 9.1.0.300(C636E3R2P1), and versions earlier than Ever-L29B 9.1.0.300(C185E3R3P1). | |||||
| CVE-2019-4674 | 1 Ibm | 1 Security Identity Manager | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| IBM Security Identity Manager 7.0.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 171510. | |||||
| CVE-2019-4582 | 1 Ibm | 1 Maximo Asset Management | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 167288. | |||||
| CVE-2019-4460 | 1 Ibm | 1 Api Connect | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM API Connect 5.0.0.0 through 5.0.8.6 developer portal could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 163681. | |||||
| CVE-2019-4442 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9,0 could allow a remote attacker to traverse directories on the file system. An attacker could send a specially-crafted URL request to view arbitrary files on the system but not content. IBM X-Force ID: 163226. | |||||
| CVE-2019-4430 | 1 Ibm | 1 Maximo Asset Management | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Maximo Asset Management 7.6 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 162887. | |||||
| CVE-2019-4423 | 1 Ibm | 1 Sterling File Gateway | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 162769. | |||||
| CVE-2019-4400 | 1 Ibm | 1 Cloud Orchestrator | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 162261. | |||||
| CVE-2019-4384 | 1 Ibm | 1 Campaign | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Campaign 9.1.2 and 10.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 162172. | |||||
| CVE-2019-4268 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 160201. | |||||
| CVE-2019-4252 | 1 Ibm | 7 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 4 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 159883. | |||||
| CVE-2019-4178 | 1 Ibm | 1 Cognos Analytics | 2024-11-21 | 6.4 MEDIUM | 6.4 MEDIUM |
| IBM Cognos Analytics 11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to write or view arbitrary files on the system. IBM X-Force ID: 158919. | |||||