2058 matches found

Vulnrichment
added 2024/02/21 5:00 p.m. · 14 views

CVE-2024-1703 ZhongBangKeJi CRMEB openfile absolute path traversal

A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been disclosed to the public and may be used. The...

CVSS 3.5 · AI score 6.7 · EPSS 0.00707
Exploits: 1 · References: 3

OSV
added 2024/02/21 3:15 p.m. · 4 views

CVE-2023-50955

IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system. IBM X-Force ID: 275777...

CVSS 2.7 · AI score 5.8 · EPSS 0.00595
Exploits: 0 · References: 2

Positive Technologies
added 2024/02/21 12:00 a.m. · 6 views

PT-2024-18236 · Zhongbangkeji · Crmeb

Name of the Vulnerable Software and Affected Versions: ZhongBangKeJi CRMEB version 5.2.2 Description: A problematic issue has been found in the software, affecting the openfile function of the file "/adminapi/system/file/openfile". This issue leads to absolute path traversal. The exploit has been...

CVSS 5.3 · AI score 4.3 · EPSS 0.00707
Exploits: 1 · References: 7

IBM Security Bulletins
added 2024/02/20 5:32 p.m. · 18 views

Security Bulletin: IBM InfoSphere Information Server is affected by an information disclosure vulnerability (CVE-2023-50955)

Summary: An information disclosure vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details: CVEID: CVE-2023-50955 DESCRIPTION: IBM InfoSphere Information Server could allow an authenticated privileged user to obtain the absolute path of the web server installation whi...

CVSS 2.7 · AI score 3 · EPSS 0.00595
Exploits: 0 · Affected Software: 1

Vulnrichment
added 2024/02/14 1:12 a.m. · 12 views

CVE-2024-25125 Absolute path traversal vulnerability in digdag server

Digdag is an open source tool to build, run, schedule, and monitor complex pipelines of tasks across various platforms. Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. This issue may lead to...

CVSS 5.3 · AI score 6.4 · EPSS 0.29646
Exploits: 0 · References: 2

Cvelist
added 2024/02/14 1:12 a.m. · 19 views

CVE-2024-25125 Absolute path traversal vulnerability in digdag server

Digdag is an open source tool to build, run, schedule, and monitor complex pipelines of tasks across various platforms. Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. This issue may lead to...

CVSS 5.3 · AI score 5.4 · EPSS 0.29646
Exploits: 0 · References: 2

Tenable Nessus
added 2024/02/06 12:00 a.m. · 34 views

Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2024-505)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-505 advisory. The upstream report describes this issue as follows: When installing a maliciously created Ansible role using 'ansible-galaxy role install', arbitrary files the user has access to can be...

CVSS 6.3 · AI score 7.2 · EPSS 0.00859
Exploits: 0 · References: 6

NVD
added 2024/01/26 8:15 a.m. · 17 views

CVE-2023-6919

Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard allows Absolute Path Traversal. This issue affects VGuard: before V500.0003.R008.4011.C0012.B351.C...

CVSS 7.5 · AI score 7.5 · EPSS 0.00582
Exploits: 0 · References: 2

OSV
added 2024/01/26 8:15 a.m. · 3 views

CVE-2023-6919

Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard allows Absolute Path Traversal. This issue affects VGuard: before V500.0003.R008.4011.C0012.B351.C...

CVSS 7.5 · AI score 5.8 · EPSS 0.00582
Exploits: 0 · References: 1

ATTACKERKB
added 2024/01/26 8:15 a.m. · 6 views

CVE-2023-6919

Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard allows Absolute Path Traversal. This issue affects VGuard: before V500.0003.R008.4011.C0012.B351.C...

CVSS 7.5 · AI score 7.1 · EPSS 0.00582
Exploits: 0 · References: 3

Prion
added 2024/01/26 8:15 a.m. · 15 views

Path traversal

Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard allows Absolute Path Traversal. This issue affects VGuard: before V500.0003.R008.4011.C0012.B351.C...

CVSS 5 · AI score 7.2 · EPSS 0.00582
Exploits: 0 · References: 1 · Affected Software: 9

Vulnrichment
added 2024/01/26 7:52 a.m. · 4 views

CVE-2023-6919 Path Traversal in VGuard IP Camera Network Recorder

Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard allows Absolute Path Traversal. This issue affects VGuard: before V500.0003.R008.4011.C0012.B351.C...

CVSS 7.5 · AI score 7.1 · EPSS 0.00582
Exploits: 0 · References: 2

CVE
added 2024/01/26 7:52 a.m. · 50 views

CVE-2023-6919

CVE-2023-6919 describes a Path Traversal vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard prior to version V500.0003.R008.4011.C0012.B351.C. The flaw allows an absolute path traversal via the "/../filedir" payload, potentially enabling access to files outside the web root. A...

CVSS 7.5 · AI score 7.1 · EPSS 0.00582
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2024/01/26 12:00 a.m. · 4 views

PT-2024-15122 · Biges Safe Life Technologies Electronics Inc · Vguard

Name of the Vulnerable Software and Affected Versions: Biges Safe Life Technologies Electronics Inc. VGuard versions prior to V500.0003.R008.4011.C0012.B351.C Description: The issue is related to a Path Traversal vulnerability, specifically an Absolute Path Traversal, which can be exploited using...

CVSS 7.5 · AI score 7.3 · EPSS 0.00582
Exploits: 0 · References: 3

OSV
added 2024/01/11 3:18 p.m. · 23 views

GHSA-RGRF-6MF5-M882 cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

Impact What kind of vulnerability is it? Who is impacted? An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0 at and since 0.5.0, before 0.15.0. The vulnerability stems from a Python function,...

CVSS 2.2 · AI score 3.4 · EPSS 0.0041
Exploits: 1 · References: 18

Github Security Blog
added 2024/01/11 3:18 p.m. · 18 views

cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

Impact What kind of vulnerability is it? Who is impacted? An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0 at and since 0.5.0, before 0.15.0. The vulnerability stems from a Python function,...

CVSS 2.8 · AI score 6.5 · EPSS 0.0041
Exploits: 1 · References: 18 · Affected Software: 2

Github Security Blog
added 2023/12/28 9:30 p.m. · 34 views

Ansible symlink attack vulnerability

An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path...

CVSS 6.3 · AI score 7 · EPSS 0.00859
Exploits: 0 · References: 9 · Affected Software: 1

OSV
added 2023/12/28 9:30 p.m. · 30 views

GHSA-JPVW-P8PR-9G2X Ansible symlink attack vulnerability

An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path...

CVSS 6.3 · AI score 6.3 · EPSS 0.00859
Exploits: 0 · References: 9

NVD
added 2023/12/27 3:15 p.m. · 9 views

CVE-2023-6190

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in İzmir Katip Çelebi University University Information Management System allows Absolute Path Traversal. This issue affects University Information Management System: before 30.11.2023...

CVSS 9.8 · EPSS 0.00764
Exploits: 0 · References: 2

Prion
added 2023/12/27 3:15 p.m. · 14 views

Input validation

Improper Input Validation vulnerability in Izmir Katip Çelebi University University Information Management System allows Absolute Path Traversal. This issue affects University Information Management System: before 30.11.2023...

CVSS 7.5 · AI score 9.3 · EPSS 0.00764
Exploits: 0 · References: 1 · Affected Software: 1