232 matches found

RedhatCVE
added 2025/03/02 7:20 a.m. | 14 views

CVE-2025-0823

IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 and 12.0.0 through 12.0.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

CVSS 6.5 | AI score 6.8 | EPSS 0.0054
Exploits: 0 | References: 1

CVE
added 2025/02/28 2:31 a.m. | 108 views

CVE-2025-0823

CVE-2025-0823 affects IBM Cognos Analytics 11.2.0–11.2.4 FP5 and 12.0.0–12.0.4. Root cause is a path traversal vulnerability allowing a remote attacker to view arbitrary files by sending crafted URLs with /../ sequences. Impact is exposure of sensitive files; no exploitation details are provided ...

CVSS 6.5 | AI score 6.4 | EPSS 0.0054
Exploits: 0 | References: 1 | Affected Software: 1

RedhatCVE
added 2025/02/05 7:41 a.m. | 4 views

CVE-2024-41784

IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot dot" sequences /.../ to view arbitrary files on the system...

CVSS 7.5 | AI score 6.8 | EPSS 0.00644
Exploits: 0 | References: 1

Vulnrichment
added 2025/01/19 2:42 a.m. | 10 views

CVE-2024-45652 IBM Maximo Asset Management directory traversal

IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

CVSS 6.5 | AI score 6.8 | EPSS 0.00763
Exploits: 0 | References: 1

Vulnrichment
added 2024/09/04 4:2 p.m. | 19 views

CVE-2024-45074 IBM webMethods Integration directory traversal

IBM webMethods Integration 10.15 could allow an authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

CVSS 6.5 | AI score 6.8 | EPSS 0.00481
Exploits: 0 | References: 1

Cvelist
added 2024/09/04 4:2 p.m. | 20 views

CVE-2024-45074 IBM webMethods Integration directory traversal

IBM webMethods Integration 10.15 could allow an authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

CVSS 6.5 | EPSS 0.00481
Exploits: 0 | References: 1

CVE
added 2024/09/04 4:2 p.m. | 67 views

CVE-2024-45074

IBM webMethods Integration 10.15 contains a path traversal vulnerability (CVE-2024-45074) that can be exploited by an authenticated user to view arbitrary files via crafted URLs containing dot-dot sequences ("/../"). The issue is caused by insufficient input validation on directory traversal, ena...

CVSS 6.5 | AI score 6.3 | EPSS 0.00481
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2024/06/03 12:0 a.m. | 16 views

RHEL 4 : curl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - curl: URL request injection vulnerability in parseurlandfillconn CVE-2014-8150 Note that Nessus has not tested for...

CVSS 4.3 | AI score 7.2 | EPSS 0.0681
Exploits: 0 | References: 1

CNVD
added 2024/05/06 12:0 a.m. | 8 views

Delta Electronics DIAEnergie Path Traversal Vulnerability

Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics, Taiwan, China. A path traversal vulnerability exists in Delta Electronics DIAEnergie, which can be exploited by an attacker to write an arbitrary file on the system by sending a specially crafted URL...

CVSS 8.8 | AI score 6.8 | EPSS 0.01
Exploits: 0 | References: 1

NVD
added 2024/04/12 4:15 p.m. | 15 views

CVE-2024-30392

A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS MX Series platforms with SPC3 and MS-MPC/-MIC, when URL filtering is enabled and a specific UR...

CVSS 8.7 | AI score 7.5 | EPSS 0.00694
Exploits: 0 | References: 2

CVE
added 2024/04/06 11:40 a.m. | 118 views

CVE-2024-22328

CVE-2024-22328 affects IBM Maximo Application Suite (MAS) Manage component in MAS 8.10 and 8.11. A remote attacker can perform path traversal by sending a URL with dot-dot sequences (/../) to view arbitrary files, leading to arbitrary file disclosure. Root cause: CWE-22 (path traversal). CVSS v3....

CVSS 7.5 | AI score 7.3 | EPSS 0.00843
Exploits: 0 | References: 2 | Affected Software: 1

NVD
added 2024/03/01 3:15 a.m. | 23 views

CVE-2023-38366

IBM Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 261115...

CVSS 5.3 | AI score 5.2 | EPSS 0.00754
Exploits: 0 | References: 2

Prion
added 2024/03/01 3:15 a.m. | 18 views

Design/Logic Flaw

IBM Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 261115...

CVSS 5 | AI score 6.8 | EPSS 0.00754
Exploits: 0 | References: 2

Vulnrichment
added 2024/01/19 1:5 a.m. | 15 views

CVE-2023-35020 IBM Sterling Control Center directory traversal

IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 257874...

CVSS 5.4 | AI score 6.7 | EPSS 0.00537
Exploits: 0 | References: 2

Cvelist
added 2024/01/19 1:5 a.m. | 21 views

CVE-2023-35020 IBM Sterling Control Center directory traversal

IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 257874...

CVSS 5.4 | AI score 5.5 | EPSS 0.00537
Exploits: 0 | References: 2

OSV
added 2024/01/10 11:15 a.m. | 4 views

CVE-2023-48244

The vulnerability allows a remote attacker to inject and execute arbitrary client-side script code inside a victim’s session via a crafted URL or HTTP request...

CVSS 6.1 | AI score 6 | EPSS 0.00306
Exploits: 0 | References: 1

NVD
added 2023/12/31 7:15 a.m. | 13 views

CVE-2021-46901

examples/6lbr/apps/6lbr-webserver/httpd.c in CETIC-6LBR aka 6lbr 1.5.0 has a strcat stack-based buffer overflow via a request for a long URL over a 6LoWPAN network...

CVSS 7.5 | EPSS 0.00659
Exploits: 1 | References: 2

Prion
added 2023/12/31 7:15 a.m. | 15 views

Stack overflow

examples/6lbr/apps/6lbr-webserver/httpd.c in CETIC-6LBR aka 6lbr 1.5.0 has a strcat stack-based buffer overflow via a request for a long URL over a 6LoWPAN network...

CVSS 5 | AI score 7.7 | EPSS 0.00659
Exploits: 1 | References: 2 | Affected Software: 1

NVD
added 2023/12/20 2:15 a.m. | 17 views

CVE-2023-47702

IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view modify files on the system. IBM X-Force ID: 271196...

CVSS 9.1 | EPSS 0.00975
Exploits: 0 | References: 2

Prion
added 2023/12/18 3:15 p.m. | 15 views

Design/Logic Flaw

IBM MQ Appliance 9.3 LTS and 9.3 CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to view arbitrary files on the system. IBM X-Force ID: 269536...

CVSS 5 | AI score 6.8 | EPSS 0.01338
Exploits: 0 | References: 2 | Affected Software: 1