Lucene search
+L

406 matches found

OSV
OSV
added 2021/10/27 7:15 p.m.6 views

CVE-2021-34762

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to...

8.1CVSS5.9AI score0.01908EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/10/27 4:0 p.m.1 views

CVE-2021-34762

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to...

8.1CVSS7.3AI score0.01908EPSS
Exploits0References2
OSV
OSV
added 2021/10/22 12:15 p.m.9 views

CVE-2021-38477

There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files...

9.8CVSS7.3AI score0.01083EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/09/30 12:0 a.m.6 views

Ecoa Technologies Corp Ecoa Bas controller 路径遍历漏洞

ECOA BAS controller is a BAS controller developed by Ecoa Technologies Corp in Taiwan, China. ECOA BAS controller is vulnerable to arbitrary file uploads, which can be exploited to send specially crafted URL requests to the /upload URI with the file name and rbt parameters containing The "dot"...

10CVSS8.5AI score0.02248EPSS
Exploits1References1
OSV
OSV
added 2021/09/18 2:15 p.m.4 views

CVE-2021-3806

A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system...

5.3CVSS5.8AI score0.00698EPSS
Exploits1References2
Prion
Prion
added 2021/09/18 2:15 p.m.17 views

Path traversal

A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system...

7.1CVSS5.3AI score0.00698EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/09/18 1:20 p.m.45 views

CVE-2021-3806

CVE-2021-3806 describes a path traversal vulnerability in Pardus Software Center’s extractArchive function. An attacker on the same network could leverage this to perform a man-in-the-middle and write files on the system. Reported across multiple sources (NVD entry, CVE listings, and PT-Security ...

7.1CVSS5.2AI score0.00698EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2021/09/18 12:0 a.m.4 views

Pardus 软件中心 路径遍历漏洞

Pardus is a Turkish Linux distribution. A security vulnerability exists in the center of the Pardus software, which stems from a path traversal vulnerability due to a lack of effective filtering of parameters in the extractArchive feature of the software, which could allow anyone on the same...

7.1CVSS5.7AI score0.00698EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2021/09/18 12:0 a.m.5 views

PT-2021-21942

Name of the Vulnerable Software and Affected Versions: Pardus Software Center affected versions not specified Description: A path traversal issue in the extractArchive function could allow an attacker on the same network to perform a man-in-the-middle attack and write files on the system...

7.1CVSS6.1AI score0.00698EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2021/09/14 11:15 a.m.2 views

CVE-2021-37173

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.14.1, RUGGEDCOM ROX RX1400 All versions V2.14.1, RUGGEDCOM ROX RX1500 All versions V2.14.1, RUGGEDCOM ROX RX1501 All versions V2.14.1, RUGGEDCOM ROX RX1510 All versions V2.14.1, RUGGEDCOM ROX RX1511 All versions V2.14.1,...

9CVSS7AI score0.01606EPSS
Exploits0References2
Prion
Prion
added 2021/09/09 7:15 p.m.19 views

Path traversal

Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Sep-2021 Release 1 allows attackers to write file as system uid via remote socket...

3.3CVSS6.5AI score0.00165EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/09/08 12:0 a.m.3 views

PT-2021-4048 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the SSH Server process could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This issue is due to...

8.5CVSS7.9AI score0.01581EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2021/09/04 12:0 a.m.33 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-2336)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7AI score0.06563EPSS
Exploits5References2
CNNVD
CNNVD
added 2021/09/01 12:0 a.m.4 views

Aruba Operating System 路径遍历漏洞

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks including mobile controllers and mobile access switches from Aruba Networks, Inc. The vulnerability is caused by a failure to effectively validate and filter parameters, which could be exploited by an authenticated...

7.2CVSS5.9AI score0.00325EPSS
Exploits0References5
OSV
OSV
added 2021/08/10 5:15 p.m.6 views

UBUNTU-CVE-2020-23171

A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash characters included in the name of the crafted file...

5.5CVSS6.2AI score0.00656EPSS
Exploits1References3
Cvelist
Cvelist
added 2021/08/10 3:6 p.m.28 views

CVE-2020-23171

A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash characters included in the name of the crafted file...

5.5AI score0.00656EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/07/14 1:48 p.m.34 views

CVE-2021-33211

A Directory Traversal vulnerability in the Unzip feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to write files to arbitrary directories via relative paths in ZIP archives...

6.5AI score0.01705EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/05/28 12:0 a.m.6 views

IBM Cognos Analytics 授权问题漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A command execution vulnerabili...

10CVSS8.6AI score0.02935EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2021/05/11 11:0 p.m.3 views

CVE-2021-28584

Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an authenticated attacker. Access to the admin console is...

7.2CVSS5.6AI score0.0178EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/04/21 12:0 a.m.4 views

Cisco SD-WAN vManage 代码问题漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. A code issue vulnerability exists in Cisco SD-WAN vManage Software, which could be exploited by an attacker to read or write files in an...

6.4CVSS5.8AI score0.00859EPSS
Exploits0References6
Rows per page
Query Builder