21015 matches found
CVE-2025-8023
Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.9.x = 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file...
Security Bulletin: IBM SOAR QRadar Plugin app for IBM QRadar SIEM is affected by path traversal (CVE-2025-36114)
Summary IBM SOAR QRadar Plugin app for IBM QRadar SIEM is affected by path traversal. IBM SOAR QRadar Plugin app has addressed the issue in the latest update. Vulnerability Details CVEID:CVE-2025-36114 DESCRIPTION: IBM QRadar SOAR Plugin App could allow a remote attacker to traverse directories o...
CVE-2025-36114
IBM QRadar SOAR Plugin App 1.0.0 through 5.6.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...
MixGAN: a Hybrid Semi-Supervised and Generative Approach for DDoS Detection in Cloud-Integrated IoT Networks
The proliferation of cloud-integrated IoT systems has intensified exposure to Distributed Denial of Service DDoS attacks due to the expanded attack surface, heterogeneous device behaviors, and limited edge protection. However, DDoS detection in this context remains challenging because of complex...
CVE-2010-20109
Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the viewhelp.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...
CVE-2010-20109 Barracuda Spam & Virus Firewall "locale" Path Traversal
Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the viewhelp.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...
CVE-2010-20109 Barracuda Spam & Virus Firewall "locale" Path Traversal
Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the viewhelp.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...
CVE-2010-20109
CVE-2010-20109 affects Barracuda Spam & Virus Firewall, SSL VPN, and Web Application Firewall before October 2010. The flaw is a path traversal in the view_help.cgi endpoint caused by improper sanitization of the locale parameter, allowing unauthenticated remote attackers to inject traversal sequ...
CVE-2010-20109
Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the viewhelp.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the file streaming APIs. An attacker can overwrite file attachment thumbnails by supplying crafted file names containing path traversal sequences. Details A Directory Traversal attack also known as path traversal...
Directory Traversal
Overview vite-plugin-static-copy is a rollup-plugin-copy for vite with dev server support. Affected versions of this package are vulnerable to Directory Traversal via the viaLocal function. An attacker can access arbitrary files on the server by sending crafted HTTP requests that exploit path...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal due to improper input sanitization in template file destination paths. An attacker can access sensitive files outside intended directories by supplying crafted path components. Details A Directory Traversal attack al...
GHSA-X67C-V8JR-P29R Mattermost Fails to Sanitize Path Traversal Sequences
Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.9.x = 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file...
Mattermost Fails to Sanitize Path Traversal Sequences
Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.9.x = 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal during plugin import operations. An attacker can access unauthorized files and bypass plugin signature enforcement and marketplace restrictions by submitting specially crafted file paths during plugin import...
CVE-2025-8023
Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.9.x = 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file...
CVE-2025-8023
Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.9.x = 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file...
CVE-2025-8023
Mattermost server versions 9.11.x <= 9.11.17, 10.5.x <= 10.5.8, 10.8.x <= 10.8.3, 10.9.x
CVE-2025-8023 Path Traversal in Template Upload Allows Uploading Files Outside Target Directory
Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.9.x = 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file...
CVE-2025-8023 Path Traversal in Template Upload Allows Uploading Files Outside Target Directory
Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.9.x = 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file...