CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2055 matches found

NVD•added 2023/08/16 3:15 p.m.•22 views

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...

4.3CVSS6.6AI score0.00533EPSS

Exploits0References2

Prion•added 2023/08/16 3:15 p.m.•23 views

Design/Logic Flaw

4CVSS7.4AI score0.00533EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/08/16 2:32 p.m.•29 views

CVE-2023-40338

5.1AI score0.00533EPSS

Exploits0References2

CVE•added 2023/08/16 2:32 p.m.•392 views

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier exposes the absolute path to a log file in the error message when accessing Scan Organization Folder Log without logs. This information disclosure vulnerability (CVE-2023-40338) has a confirmed fix in 6.848.ve3b_fd7839a_81 and newer; remediat...

4.3CVSS4.2AI score0.00533EPSS

Exploits0References2Affected Software1

AlpineLinux•added 2023/08/16 2:32 p.m.•25 views

CVE-2023-40338

4.3CVSS6.7AI score0.00533EPSS

Exploits0References2

Positive Technologies•added 2023/08/16 12:0 a.m.•6 views

PT-2023-4794 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.2.12 Splunk Enterprise versions prior to 9.0.6 Splunk Enterprise versions prior to 9.1.1 Description: The issue is related to an absolute path traversal that can be exploited to execute arbitrary code...

8.8CVSS8AI score0.00216EPSS

Exploits0References9

NVD•added 2023/08/05 11:15 p.m.•10 views

CVE-2023-4172

A vulnerability, which was classified as problematic, has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This issue affects some unknown processing of the file \Service\FileHandler.ashx. The manipulation of the argument FileDirectory leads to absolute path traversal...

7.5CVSS5.5AI score0.00786EPSS

Exploits1References3

Prion•added 2023/08/05 11:15 p.m.•22 views

Path traversal

4CVSS7.6AI score0.00786EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/08/05 11:0 p.m.•18 views

CVE-2023-4172 Chengdu Flash Flood Disaster Monitoring and Warning System FileHandler.ashx absolute path traversal

4.3CVSS7.8AI score0.00786EPSS

Exploits1References3

CVE•added 2023/08/05 11:0 p.m.•58 views

CVE-2023-4172

CVE-2023-4172 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The vulnerability arises from improper handling of the FileDirectory argument in the FileHandler.ashx (path/file processing), enabling absolute path traversal via a remote attack. Exploitation has been disclosed...

7.5CVSS6AI score0.00786EPSS

Exploits1References3Affected Software1

Positive Technologies•added 2023/08/05 12:0 a.m.•5 views

PT-2023-28061 · Unknown · Chengdu Flash Flood Disaster Monitoring/Warning System

Name of the Vulnerable Software and Affected Versions: Chengdu Flash Flood Disaster Monitoring and Warning System version 2.0 Description: A problematic issue has been found in the system, affecting the file ServiceFileHandler.ashx. The manipulation of the FileDirectory argument leads to absolute...

7.5CVSS7.1AI score0.00786EPSS

Exploits1References7

NVD•added 2023/07/20 3:15 p.m.•27 views

CVE-2023-34968

A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the...

5.3CVSS5.9AI score0.01185EPSS

Exploits0References11