Lucene search
+L

127 matches found

Cvelist
Cvelist
added 2016/02/03 3:0 p.m.27 views

CVE-2016-1505

The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore...

9.3AI score0.02592EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2016/01/19 12:0 a.m.8 views

The vulnerability of the iOS operating system allows a hacker to execute arbitrary code in a privileged context.

The vulnerability of the Mobile Replayer component in the GPUTools Framework for the iOS operating system is related to errors in the code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in a privileged context using an application that specifies a specially...

9.3CVSS7.7AI score0.02446EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/01/19 12:0 a.m.8 views

The vulnerability of the iOS operating system allows a hacker to execute arbitrary code in a privileged context.

The vulnerability of the Mobile Replayer component in the GPUTools Framework for the iOS operating system is related to errors in the code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in a privileged context using an application that specifies a specially...

9.3CVSS7.7AI score0.02446EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/08/18 12:0 a.m.9 views

The vulnerability of the Internet Explorer browser, which allows a hacker to read arbitrary local files

The vulnerability of the Internet Explorer browser is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to read arbitrary local files using a specially created path name...

4.3CVSS5.6AI score0.17855EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2015/03/27 2:59 p.m.16 views

Path traversal

Websense TRITON V-Series appliances before 7.8.3 Hotfix 03 and 7.8.4 before Hotfix 01 allow remote administrators to read arbitrary files and obtain passwords via a crafted path...

4CVSS7.1AI score0.00906EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/03/27 2:0 p.m.21 views

CVE-2014-9712

Websense TRITON V-Series appliances before 7.8.3 Hotfix 03 and 7.8.4 before Hotfix 01 allow remote administrators to read arbitrary files and obtain passwords via a crafted path...

6.6AI score0.00906EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/03/10 2:59 p.m.20 views

CVE-2015-0271

The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard horizon allows remote attackers to read arbitrary files via a crafted path...

4CVSS5.9AI score0.01676EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2015/03/10 2:0 p.m.48 views

CVE-2015-0271

The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard horizon allows remote attackers to read arbitrary files via a crafted path...

4CVSS6.4AI score0.01676EPSS
Exploits0
Cvelist
Cvelist
added 2015/03/10 2:0 p.m.28 views

CVE-2015-0271

The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard horizon allows remote attackers to read arbitrary files via a crafted path...

6.5AI score0.01676EPSS
Exploits0References3
CVE
CVE
added 2015/03/10 2:0 p.m.72 views

CVE-2015-0271

CVE-2015-0271 affects Red Hat OpenStack Horizon’s redhat-access-plugin (pre-6.0.3). The vulnerability arises from an unsanitized input in the log-viewing function, allowing an authenticated attacker to read arbitrary files via a crafted path. Impact is reading sensitive files with the web server’...

4CVSS6.6AI score0.01676EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2015/01/15 3:59 p.m.17 views

Directory traversal

Directory traversal vulnerability in the gcabfolderextract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo."...

6.4CVSS7.2AI score0.02791EPSS
Exploits1References5Affected Software2
UbuntuCve
UbuntuCve
added 2015/01/15 3:59 p.m.20 views

CVE-2015-0552

Directory traversal vulnerability in the gcabfolderextract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo."...

6.4CVSS5.9AI score0.02791EPSS
Exploits1References1
Cvelist
Cvelist
added 2015/01/15 3:0 p.m.28 views

CVE-2015-0552

Directory traversal vulnerability in the gcabfolderextract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo."...

6.5AI score0.02791EPSS
Exploits1References5
NVD
NVD
added 2014/12/02 4:59 p.m.14 views

CVE-2014-8788

GleamTech FileVista before 6.1 allows remote authenticated users to obtain sensitive information via a crafted path when saving a zip file, which reveals the installation path in an error message...

4CVSS5.6AI score0.0183EPSS
Exploits0References3
Prion
Prion
added 2014/12/02 4:59 p.m.19 views

Design/Logic Flaw

GleamTech FileVista before 6.1 allows remote authenticated users to obtain sensitive information via a crafted path when saving a zip file, which reveals the installation path in an error message...

4CVSS6.1AI score0.0183EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/12/02 4:0 p.m.19 views

CVE-2014-8789

GleamTech FileVista before 6.1 allows remote authenticated users to create arbitrary files and possibly execute arbitrary code via a crafted path in a zip archive, which is not properly handled during extraction...

7.2AI score0.03221EPSS
Exploits0References3
Prion
Prion
added 2014/11/20 5:50 p.m.15 views

Path traversal

The Protected Pages module 7.x-2.x before 7.x-2.4 for Drupal allows remote attackers to bypass the password protection via a crafted path...

7.5CVSS7.3AI score0.01319EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/11/20 5:0 p.m.20 views

CVE-2014-9024

The Protected Pages module 7.x-2.x before 7.x-2.4 for Drupal allows remote attackers to bypass the password protection via a crafted path...

6.8AI score0.01319EPSS
Exploits0References2
NVD
NVD
added 2014/09/04 5:55 p.m.13 views

CVE-2014-5269

Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows remote attackers to bypass the whitelist of generated files and obtain sensitive information via a crafted path, related to Plack::Middleware::Static...

5CVSS6AI score0.02455EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2014/09/04 5:55 p.m.20 views

CVE-2014-5269

Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows remote attackers to bypass the whitelist of generated files and obtain sensitive information via a crafted path, related to Plack::Middleware::Static...

5CVSS5.9AI score0.02455EPSS
Exploits0References2
Rows per page
Query Builder