Total: 7129 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-11013 | 1 Softvelum | 1 Nimble Streamer | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
Nimble Streamer 3.0.2-2 through 3.5.4-9 has a ../ directory traversal vulnerability. Successful exploitation could allow an attacker to traverse the file system to access files or directories that are outside of the restricted directory on the remote server. | |||||
CVE-2019-10985 | 1 Advantech | 1 Webaccess | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator. | |||||
CVE-2019-10945 | 1 Joomla | 1 Joomla! | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory. | |||||
CVE-2019-10934 | 1 Siemens | 1 Totally Integrated Automation Portal | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
A vulnerability has been identified in TIA Portal V14 (All versions), TIA Portal V15 (All versions < V15.1 Update 7), TIA Portal V16 (All versions < V16 Update 6), TIA Portal V17 (All versions < V17 Update 4). Changing the contents of a configuration file could allow an attacker to execute arbitrary code with SYSTEM privileges. The security vulnerability could be exploited by an attacker with a valid account and limited access rights on the system. No user interaction is required. At the time of advisory publication no public exploitation of this security vulnerability was known. | |||||
CVE-2019-10869 | 1 Ninjaforms | 1 Ninja Forms File Uploads | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
Path Traversal and Unrestricted File Upload exists in the Ninja Forms plugin before 3.0.23 for WordPress (when the Uploads add-on is activated). This allows an attacker to traverse the file system to access files and execute code via the includes/fields/upload.php (aka upload/submit page) name and tmp_name parameters. | |||||
CVE-2019-10767 | 1 Iobroker | 1 Iobroker.js-controller | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
An attacker can include file contents from outside the `/adapter/xxx/` directory, where `xxx` is the name of an existing adapter such as "admin". It is exploited using the administrative web panel with a request for an adapter file. **Note:** The attacker has to be logged in if authentication is enabled (it is not enabled by default). | |||||
CVE-2019-10765 | 1 Iobroker | 1 Iobroker.admin | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
iobroker.admin before 3.6.12 allows an attacker to include file contents from outside the `/log/file1/` directory. | |||||
CVE-2019-10743 | 1 Archiver Project | 1 Archiver | 2024-11-21 | 5.8 MEDIUM | 5.5 MEDIUM |
All versions of archiver allow an attacker to perform a Zip Slip attack via the "unarchive" functions. It is exploited using a specially crafted zip archive that holds path traversal filenames. When exploited, a filename in a malicious archive is concatenated to the target extraction directory, which results in the final path ending up outside of the target folder. For instance, a zip may hold a file with a "../../file.exe" location and thus break out of the target folder. If an executable or a configuration file is overwritten with a file containing malicious code, the problem can turn into an arbitrary code execution issue quite easily. | |||||
CVE-2019-10720 | 1 Blogengine | 1 Blogengine.net | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution via the theme cookie to the File Manager. NOTE: this issue exists because of an incomplete fix for CVE-2019-6714. | |||||
CVE-2019-10719 | 1 Dotnetblogengine | 1 Blogengine.net | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution because file creation is mishandled, related to /api/upload and BlogEngine.NET/AppCode/Api/UploadController.cs. NOTE: this issue exists because of an incomplete fix for CVE-2019-6714. | |||||
CVE-2019-10717 | 1 Dotnetblogengine | 1 Blogengine.net | 2024-11-21 | 5.5 MEDIUM | 7.1 HIGH |
BlogEngine.NET 3.3.7.0 allows /api/filemanager Directory Traversal via the path parameter. | |||||
CVE-2019-10632 | 1 Zyxel | 2 Nas326, Nas326 Firmware | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user's files. | |||||
CVE-2019-10352 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary file write on the Jenkins master when scheduling a build. | |||||
CVE-2019-10265 | 1 Ahsay | 1 Cloud Backup Suite | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. On the /cbs/system/ShowAdvanced.do "File Explorer" screen, it is possible to change the directory in the JavaScript code. If changed to (for example) "C:" then one can browse the whole server. | |||||
CVE-2019-10257 | 1 Zucchetti | 1 Hr Portal | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Zucchetti HR Portal through 2019-03-15 allows Directory Traversal. Unauthenticated users can escape outside of the restricted location (dot-dot-slash notation) to access files or directories that are elsewhere on the system. Through this vulnerability it is possible to read the application's Java sources from /WEB-INF/classes/*.class. | |||||
CVE-2019-10242 | 1 Eclipse | 1 Kura | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
In Eclipse Kura versions up to 4.0.0, the SkinServlet did not check the path passed during the servlet call, potentially allowing path traversal in GET requests for a limited number of file types. | |||||
CVE-2019-10220 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
The Linux kernel CIFS implementation, version 4.9.0, is vulnerable to relative path injection in directory entry lists. | |||||
CVE-2019-10218 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user. | |||||
CVE-2019-10197 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share. | |||||
CVE-2019-10185 | 3 Debian, Icedtea-web Project, Opensuse | 3 Debian Linux, Icedtea-web, Leap | 2024-11-21 | 6.4 MEDIUM | 8.6 HIGH |
It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox. |