Lucene search
K

81 matches found

cvelist
cvelist
added 2023/12/07 12:0 a.m.25 views

CVE-2023-46307

An issue was discovered in server.js in etcd-browser 87ae63d75260. By supplying a /../../../ Directory Traversal input to the URL's GET request while connecting to the remote server port specified during setup, an attacker can retrieve local operating system files from the remote system...

8.1AI score0.01311EPSS
Exploits0References4
cnvd
cnvd
added 2023/09/25 12:0 a.m.13 views

Damon Enterprise Manager has a flawed logic vulnerability

Damon Enterprise Manager is a centralized management platform that monitors, manages and maintains DM databases through a web interface. A logic flaw vulnerability exists in Damon Enterprise Manager, which can be exploited by an attacker to delete arbitrary operating system files, resulting in...

7.1AI score
Exploits0
prion
prion
added 2023/09/12 3:15 a.m.20 views

Directory traversal

SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files causing a limited...

5.5CVSS6.9AI score0.00373EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2023/09/12 2:2 a.m.32 views

CVE-2023-40623 Arbitrary File Delete via Directory Junction in SAP BusinessObjects Suite(installer)

SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files causing a limited...

6.2CVSS7.1AI score0.00373EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2023/09/12 2:2 a.m.11 views

CVE-2023-40623 Arbitrary File Delete via Directory Junction in SAP BusinessObjects Suite(installer)

SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files causing a limited...

6.2CVSS6.9AI score0.00373EPSS
Exploits0References2
cnnvd
cnnvd
added 2023/05/18 12:0 a.m.5 views

Cisco Identity Services Engine 输入验证错误漏洞

Cisco Identity Services Engine ISE is an environment-aware platform ISE Identity Services Engine from Cisco. The platform collects real-time information from the network, users and devices, and develops and enforces policies to regulate the network. An arbitrary file read vulnerability exists in...

5.4CVSS6.5AI score0.00399EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/05/18 12:0 a.m.7 views

Cisco Identity Services Engine 路径遍历漏洞

Cisco Identity Services Engine ISE is an environment-aware platform ISE Identity Services Engine from Cisco. The platform collects real-time information from the network, users and devices, and develops and enforces policies to regulate the network. A path traversal vulnerability exists in Cisco...

6CVSS6.5AI score0.00494EPSS
Exploits0References3
attackerkb
attackerkb
added 2023/05/17 4:0 p.m.2 views

CVE-2023-20171

Multiple vulnerabilities in Cisco Identity Services Engine ISE could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about...

6.5CVSS6.7AI score0.00382EPSS
Exploits0References2
cnnvd
cnnvd
added 2023/05/16 12:0 a.m.6 views

Aruba Networks EdgeConnect 路径遍历漏洞

Aruba Networks EdgeConnect is an edge connectivity management platform from Aruba Networks, USA. A security vulnerability exists in Aruba Networks EdgeConnect Enterprise. An attacker could exploit the vulnerability to read arbitrary files on the underlying operating system, including sensitive...

6.5CVSS6.7AI score0.00648EPSS
Exploits0References4
cnnvd
cnnvd
added 2023/05/16 12:0 a.m.5 views

Aruba Networks EdgeConnect 路径遍历漏洞

Aruba Networks EdgeConnect is an edge connectivity management platform from Aruba Networks, USA. A security vulnerability exists in Aruba Networks EdgeConnect Enterprise. An attacker could exploit the vulnerability to read arbitrary files on the underlying operating system, including sensitive...

6.5CVSS6.7AI score0.00648EPSS
Exploits0References4
osv
osv
added 2023/04/11 4:16 a.m.2 views

CVE-2023-29186

In SAP NetWeaver BI CONT ADDON - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient administrative privileges then potentially critical OS files ca...

6.5CVSS6.5AI score0.23035EPSS
Exploits0References2
osv
osv
added 2023/03/14 5:15 a.m.3 views

CVE-2023-27269

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker with non-administrative authorizations to exploit a directory traversal flaw in an available service to overwrite the system files. In...

9.6CVSS6.7AI score0.00982EPSS
Exploits0References2
cnnvd
cnnvd
added 2023/03/14 12:0 a.m.5 views

SAP NetWeaver AS 路径遍历漏洞

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but also the basic platform for SAP software. SAP NetWeaver AS suffers from a path traversal vulnerability that arises when a network system or product fails to properly filter special elements i...

9.6CVSS6.7AI score0.00982EPSS
Exploits0References3
nvd
nvd
added 2022/12/12 1:15 p.m.22 views

CVE-2022-44532

An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect...

6.5CVSS0.00703EPSS
Exploits0References1
cvelist
cvelist
added 2022/11/30 7:26 p.m.27 views

CVE-2022-43518

An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect Enterprise...

4.9CVSS6.5AI score0.00703EPSS
Exploits0References1
nvd
nvd
added 2022/06/02 2:15 p.m.19 views

CVE-2022-1661

The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files...

7.5CVSS0.1506EPSS
Exploits0References1
cvelist
cvelist
added 2022/05/31 7:36 p.m.43 views

CVE-2022-1661 Keysight N6854A Geolocation server and N6841A RF Sensor software

The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files...

7.5CVSS7.7AI score0.1506EPSS
Exploits0References1
osv
osv
added 2022/05/24 5:34 p.m.25 views

GHSA-P2VM-88RG-WFR2 XML injection in Crafter CMS

In Crafter CMS Crafter Studio 3.0 prior to 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band...

8.6CVSS5.8AI score0.01516EPSS
Exploits0References2
cnvd
cnvd
added 2022/04/18 12:0 a.m.25 views

IBM Aspera High-Speed Transfer信息泄露漏洞

IBM Aspera is a fast file transfer and streaming solution built on the IBM FASP protocol from IBM U.S.A. An information disclosure vulnerability exists in IBM Aspera High-Speed Transfer, which could be exploited by attackers to obtain information from non-sensitive operating system files to which...

4.3CVSS3.6AI score0.00676EPSS
Exploits0References1
cnnvd
cnnvd
added 2022/04/14 12:0 a.m.5 views

IBM Aspera 信息泄露漏洞

IBM Aspera is a fast file transfer and streaming solution built on the IBM FASP protocol from IBM U.S.A. An information disclosure vulnerability exists in IBM Aspera High-Speed Transfer, which could be exploited by attackers to obtain information from non-sensitive operating system files to which...

4.3CVSS5.3AI score0.00676EPSS
Exploits0References4
Rows per page
Query Builder