Lucene search
K

169 matches found

Prion
Prion
added 2024/12/30 9:15 p.m.13 views

CVE-2024-11944

iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability. T...

0.01599EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2024/12/09 12:0 a.m.11 views

Samsung MagicINFO 9 Server getFileFromMultipartFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getFileFromMultipartFile method. The issue results from the lack of proper...

9.8CVSS7.4AI score0.91941EPSS
Exploits3References1
NVD
NVD
added 2024/11/22 8:15 p.m.12 views

CVE-2023-51646

Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can...

7.2CVSS0.0179EPSS
Exploits0References2
NVD
NVD
added 2024/11/22 8:15 p.m.25 views

CVE-2023-51645

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...

7.2CVSS0.0179EPSS
Exploits0References2
NVD
NVD
added 2024/11/22 8:15 p.m.55 views

CVE-2023-51648

Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the product implements a...

7.5CVSS0.01904EPSS
Exploits0References2
NVD
NVD
added 2024/11/22 8:15 p.m.21 views

CVE-2023-51640

Allegra extarctZippedFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism ca...

7.2CVSS0.0179EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/22 8:5 p.m.20 views

CVE-2023-52333 Allegra saveFile Directory Traversal Remote Code Execution Vulnerability

Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that...

9.8CVSS0.01854EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/22 8:5 p.m.13 views

CVE-2023-52333 Allegra saveFile Directory Traversal Remote Code Execution Vulnerability

Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that...

9.8CVSS9.9AI score0.01854EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/22 8:5 p.m.10 views

CVE-2023-51648 Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability

Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the product implements a...

7.5CVSS7.3AI score0.01904EPSS
Exploits0References2
CVE
CVE
added 2024/11/22 8:5 p.m.50 views

CVE-2023-51647

CVE-2023-51647 affects Allegra’s saveInlineEdit function, where lack of validation of a user-supplied path in file operations enables a directory traversal path to execute code. The issue allows remote code execution in the LOCAL SERVICE context. Exploitation is described as network-based with lo...

7.2CVSS7.5AI score0.02091EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/11/22 8:5 p.m.33 views

CVE-2023-51646 Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability

Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can...

7.2CVSS0.0179EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/22 8:5 p.m.14 views

CVE-2023-51639 Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability

Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

9.8CVSS9.6AI score0.02398EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/22 8:5 p.m.21 views

CVE-2023-51639 Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability

Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

9.8CVSS0.02398EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2024/11/13 12:0 a.m.12 views

Ivanti Endpoint Manager GetFilePath Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the GetFilePath method. The issue results from the lack of...

7.2CVSS7.3AI score0.18184EPSS
Exploits0References1
OSV
OSV
added 2024/08/21 4:10 p.m.13 views

CVE-2024-6141 Windscribe Directory Traversal Local Privilege Escalation Vulnerability

Windscribe Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS7.5AI score0.00591EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/08/21 4:6 p.m.19 views

CVE-2024-7601 Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability

Logsign Unified SecOps Platform Directory dataexportdeleteall Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerabilit...

7.1CVSS6.9AI score0.01619EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/21 4:6 p.m.32 views

CVE-2024-7601 Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability

Logsign Unified SecOps Platform Directory dataexportdeleteall Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerabilit...

7.1CVSS0.01619EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2024/08/01 12:0 a.m.9 views

(0Day) (Pwn2Own) Pioneer DMH-WT7600NEX Telematics Directory Traversal Arbitrary File Creation Vulnerability

This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Pioneer DMH-WT7600NEX devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

7.3CVSS7.1AI score0.00469EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/07/18 12:0 a.m.11 views

SolarWinds Access Rights Manager Connect Method Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Connect method. The issue results from the lack of proper validatio...

10CVSS7.4AI score0.02539EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/07/18 12:0 a.m.10 views

SolarWinds Access Rights Manager AddReportResult Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability

This vulnerability allows remote attackers to read and delete arbitrary files on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AddReportResult method. The issue results from the lack of...

10CVSS6.5AI score0.02082EPSS
Exploits0References1
Rows per page
Query Builder