CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2055 matches found

OSV•added 2023/12/25 6:15 a.m.•4 views

CVE-2022-41761

An issue was discovered in NOKIA NFM-T R19.9. An Absolute Path Traversal vulnerability exists under /cgi-bin/R19.9/viewlog.pl of the VM Manager WebUI via the logfile parameter, allowing a remote authenticated attacker to read arbitrary files...

6.5CVSS5.9AI score0.008EPSS

Exploits1References1

NVD•added 2023/12/25 6:15 a.m.•14 views

CVE-2022-41761

6.5CVSS0.008EPSS

Exploits1References1

Prion•added 2023/12/25 6:15 a.m.•20 views

Path traversal

4CVSS6.8AI score0.008EPSS

Exploits1References1Affected Software1

CNNVD•added 2023/12/25 12:0 a.m.•3 views

Nokia NFM-T Security Vulnerability

Nokia NFM-T is a transport network function manager from Nokia of Finland. A security vulnerability exists in Nokia NFM-T version R19.9, which originates from an absolute path traversal vulnerability that could allow an authenticated, remote attacker to read arbitrary files...

6.5CVSS6.7AI score0.008EPSS

Exploits1References2

CVE•added 2023/12/25 12:0 a.m.•37 views

CVE-2022-41761

The issue is an Absolute Path Traversal in Nokia NFM-T R19.9 VM Manager WebUI. Affected component is the endpoint /cgi-bin/R19.9/viewlog.pl, exploitable via the logfile parameter by an authenticated remote attacker to read arbitrary files. Root cause is path traversal in that endpoint; no public ...

6.5CVSS6.2AI score0.008EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/12/25 12:0 a.m.•30 views

CVE-2022-41761

6.4AI score0.008EPSS

Exploits1References1

Positive Technologies•added 2023/12/25 12:0 a.m.•6 views

PT-2023-14030 · Nokia · Nokia Nfm-T

Name of the Vulnerable Software and Affected Versions: NOKIA NFM-T version R19.9 Description: An issue exists in the VM Manager WebUI under the endpoint "/cgi-bin/R19.9/viewlog.pl" via the logfile parameter, allowing a remote authenticated attacker to read arbitrary files due to an Absolute Path...

6.5CVSS6.3AI score0.008EPSS

Exploits1References4

NVD•added 2023/12/18 2:15 p.m.•20 views

CVE-2023-5115

An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path...

6.3CVSS0.00859EPSS

Exploits0References5

OSV•added 2023/12/18 2:15 p.m.•3 views

AZL-34540 CVE-2023-5115 affecting package ansible for versions less than 2.17.0-1

6.3CVSS7AI score0.00859EPSS

Exploits0References1

OSV•added 2023/12/18 2:15 p.m.•1 views

DEBIAN-CVE-2023-5115

6.3CVSS6.9AI score0.00859EPSS

Exploits0References1

OSV•added 2023/12/18 2:15 p.m.•5 views

AZL-32279 CVE-2023-5115 affecting package ansible for versions less than 2.14.11-1

6.3CVSS5.8AI score0.00859EPSS

Exploits0References1

OSV•added 2023/12/18 2:15 p.m.•1 views

UBUNTU-CVE-2023-5115

6.3CVSS7AI score0.00859EPSS

Exploits0References3

Cvelist•added 2023/12/18 1:43 p.m.•19 views

CVE-2023-5115 Ansible: malicious role archive can cause ansible-galaxy to overwrite arbitrary files

6.3CVSS6.6AI score0.00859EPSS

Exploits0References4

OSV•added 2023/11/30 10:15 p.m.•5 views

CVE-2021-35975

Absolute path traversal vulnerability in the Systematica SMTP Adapter component up to v2.0.1.101 in Systematica Radius up to v.3.9.256.777 allows remote attackers to read arbitrary files via a full pathname in GET parameter "file" in URL. Also: affected components in same product - HTTP Adapter u...

5.3CVSS5.9AI score0.01069EPSS

Exploits1References1

Prion•added 2023/11/30 10:15 p.m.•15 views

Path traversal

5CVSS7.2AI score0.01069EPSS

Exploits1References1Affected Software6