Lucene search

1501 matches found

Cvelist
added 2024/11/22 8:5 p.m. | 16 views

CVE-2023-52334 Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability

Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a...

CVSS 7.5 | EPSS 0.01266
Exploits 0 | References 2

Vulnrichment
added 2024/11/22 8:5 p.m. | 10 views

CVE-2023-52334 Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability

Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a...

CVSS 7.5 | AI score 7.3 | EPSS 0.01266
Exploits 0 | References 2

Vulnrichment
added 2024/11/22 8:5 p.m. | 12 views

CVE-2023-52333 Allegra saveFile Directory Traversal Remote Code Execution Vulnerability

Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that...

CVSS 9.8 | AI score 9.9 | EPSS 0.06005
Exploits 0 | References 2

Cvelist
added 2024/11/22 8:5 p.m. | 13 views

CVE-2023-52332 Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability

Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within...

CVSS 7.5 | EPSS 0.02489
Exploits 0 | References 2

Cvelist
added 2024/11/22 8:5 p.m. | 14 views

CVE-2023-52333 Allegra saveFile Directory Traversal Remote Code Execution Vulnerability

Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that...

CVSS 9.8 | EPSS 0.06005
Exploits 0 | References 2

CVE
added 2024/11/22 8:5 p.m. | 42 views

CVE-2023-52332

CVE-2023-52332 – Allegra exposes a directory traversal vulnerability in the serveMathJaxLibraries feature. The flaw stems from improper validation of a user-supplied path prior to file operations, enabling remote attackers to disclose sensitive information without authentication. Described impact...

CVSS 7.5 | AI score 7.2 | EPSS 0.02489
Exploits 0 | References 2 | Affected Software 1

Vulnrichment
added 2024/11/22 8:5 p.m. | 13 views

CVE-2023-52332 Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability

Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within...

CVSS 7.5 | AI score 7.2 | EPSS 0.02489
Exploits 0 | References 2

Vulnrichment
added 2024/11/22 8:5 p.m. | 9 views

CVE-2023-51648 Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability

Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the product implements a...

CVSS 7.5 | AI score 7.3 | EPSS 0.01266
Exploits 0 | References 2

Cvelist
added 2024/11/22 8:5 p.m. | 18 views

CVE-2023-51648 Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability

Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the product implements a...

CVSS 7.5 | EPSS 0.01266
Exploits 0 | References 2

CVE
added 2024/11/22 8:5 p.m. | 42 views

CVE-2023-51648

CVE-2023-51648 affects Allegra, via the getFileContentAsString method which is vulnerable to directory traversal information disclosure. The root cause is improper validation of a user-supplied path used in file operations, enabling disclosure of sensitive data including stored credentials. Some ...

CVSS 7.5 | AI score 7.3 | EPSS 0.01266
Exploits 0 | References 2 | Affected Software 1

CVE
added 2024/11/22 8:5 p.m. | 42 views

CVE-2023-51647

CVE-2023-51647 affects Allegra’s saveInlineEdit function, where lack of validation of a user-supplied path in file operations enables a directory traversal path to execute code. The issue allows remote code execution in the LOCAL SERVICE context. Exploitation is described as network-based with lo...

CVSS 7.2 | AI score 7.5 | EPSS 0.00833
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2024/11/22 8:5 p.m. | 19 views

CVE-2023-51647 Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability

Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can b...

CVSS 7.2 | EPSS 0.00833
Exploits 0 | References 2

Vulnrichment
added 2024/11/22 8:5 p.m. | 14 views

CVE-2023-51647 Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability

Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can b...

CVSS 7.2 | AI score 7.5 | EPSS 0.00833
Exploits 0 | References 2

Cvelist
added 2024/11/22 8:5 p.m. | 21 views

CVE-2023-51646 Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability

Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can...

CVSS 7.2 | EPSS 0.00728
Exploits 0 | References 2

CVE
added 2024/11/22 8:5 p.m. | 43 views

CVE-2023-51645

CVE-2023-51645 affects Allegra via unzipFile directory traversal that enables remote code execution. Root cause: improper validation of user-supplied paths used in file operations. Impact: code execution in the LOCAL SERVICE context. Authentication is required to exploit, but bypass is possible p...

CVSS 7.2 | AI score 7.5 | EPSS 0.01783
Exploits 0 | References 2 | Affected Software 1

Vulnrichment
added 2024/11/22 8:5 p.m. | 14 views

CVE-2023-51643 Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability

Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...

CVSS 7.2 | AI score 7.5 | EPSS 0.0154
Exploits 0 | References 2

CVE
added 2024/11/22 8:5 p.m. | 44 views

CVE-2023-51643

CVE-2023-51643 describes a directory traversal remote code execution in Allegra, arising from the uploadFile method where user-supplied paths are not properly validated. This allows an unauthenticated attacker (authentication bypass mentioned in sources) to execute code with LOCAL SERVICE privile...

CVSS 7.2 | AI score 7.5 | EPSS 0.0154
Exploits 0 | References 2 | Affected Software 1

CVE
added 2024/11/22 8:5 p.m. | 46 views

CVE-2023-51640

CVE-2023-51640 – Allegra: A vulnerability in the extarctZippedFile method enables directory traversal leading to remote code execution. The flaw stems from inadequate validation of a user-supplied path used in file operations, allowing code execution with LOCAL SERVICE privileges. Authentication...

CVSS 7.2 | AI score 7.5 | EPSS 0.01783
Exploits 0 | References 2 | Affected Software 1

Vulnrichment
added 2024/11/22 8:5 p.m. | 12 views

CVE-2023-51639 Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability

Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

CVSS 9.8 | AI score 9.6 | EPSS 0.00692
Exploits 0 | References 2

Cvelist
added 2024/11/22 8:5 p.m. | 15 views

CVE-2023-51639 Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability

Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

CVSS 9.8 | EPSS 0.00692
Exploits 0 | References 2