
2059 matches found

Positive Technologies
added 2023/08/28 12:0 a.m. · 3 views

PT-2023-4751 · Gitpython +1 · Gitpython +1

Name of the Vulnerable Software and Affected Versions: GitPython affected versions not specified
Description: The issue is related to how Python interacts with Windows systems, specifically when resolving a program. GitPython defaults to use the git command, and if a user runs it from a repositor...

CVSS 8.6 · AI score 6.1 · EPSS 0.01012
Exploits 2 · References 33

CNNVD
added 2023/08/19 12:0 a.m. · 6 views

Obsidian Path Traversal Vulnerability

Obsidian is a knowledge base for local Markdown files from the Obsidian community. A security vulnerability exists in Obsidian version 1.2.8, which stems from incorrect path handling and will allow penetration of a remote web server via app://local/...

CVSS 8.2 · AI score 7.1 · EPSS 0.00333
Exploits 1 · References 3

RedhatCVE
added 2023/08/17 7:19 a.m. · 45 views

CVE-2023-40338

A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller fi...

CVSS 4.3 · AI score 6.5 · EPSS 0.00533
Exploits 0 · References 4

OSV
added 2023/08/16 3:30 p.m. · 25 views

GHSA-36HQ-V2FC-RPQP Jenkins Folders Plugin information disclosure vulnerability

Jenkins Folders Plugin displays an error message when attempting to access the Scan Organization Folder Log if no logs are available. In Folders Plugin 6.846.v23698686f0f6 and earlier, this error message includes the absolute path of a log file, exposing information about the Jenkins controller...

CVSS 4.3 · AI score 6.2 · EPSS 0.00533
Exploits 0 · References 3

NVD
added 2023/08/16 3:15 p.m. · 24 views

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...

CVSS 4.3 · AI score 6.6 · EPSS 0.00533
Exploits 0 · References 2

Prion
added 2023/08/16 3:15 p.m. · 23 views

Design/Logic Flaw

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...

CVSS 4 · AI score 7.4 · EPSS 0.00533
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2023/08/16 2:32 p.m. · 29 views

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...

AI score 5.1 · EPSS 0.00533
Exploits 0 · References 2

CVE
added 2023/08/16 2:32 p.m. · 393 views

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier exposes the absolute path to a log file in the error message when accessing Scan Organization Folder Log without logs. This information disclosure vulnerability (CVE-2023-40338) has a confirmed fix in 6.848.ve3b_fd7839a_81 and newer; remediat...

CVSS 4.3 · AI score 4.2 · EPSS 0.00533
Exploits 0 · References 2 · Affected Software 1

AlpineLinux
added 2023/08/16 2:32 p.m. · 25 views

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...

CVSS 4.3 · AI score 6.7 · EPSS 0.00533
Exploits 0 · References 2

Positive Technologies
added 2023/08/16 12:0 a.m. · 6 views

PT-2023-4794 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.2.12; Splunk Enterprise versions prior to 9.0.6; Splunk Enterprise versions prior to 9.1.1
Description: The issue is related to an absolute path traversal that can be exploited to execute arbitrary code...

CVSS 8.8 · AI score 8 · EPSS 0.00216
Exploits 0 · References 9

NVD
added 2023/08/05 11:15 p.m. · 10 views

CVE-2023-4172

A vulnerability, which was classified as problematic, has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This issue affects some unknown processing of the file \Service\FileHandler.ashx. The manipulation of the argument FileDirectory leads to absolute path traversal...

CVSS 7.5 · AI score 5.5 · EPSS 0.00786
Exploits 1 · References 3

Prion
added 2023/08/05 11:15 p.m. · 22 views

Path traversal

A vulnerability, which was classified as problematic, has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This issue affects some unknown processing of the file \Service\FileHandler.ashx. The manipulation of the argument FileDirectory leads to absolute path traversal...

CVSS 4 · AI score 7.6 · EPSS 0.00786
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2023/08/05 11:0 p.m. · 20 views

CVE-2023-4172 Chengdu Flash Flood Disaster Monitoring and Warning System FileHandler.ashx absolute path traversal

A vulnerability, which was classified as problematic, has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This issue affects some unknown processing of the file \Service\FileHandler.ashx. The manipulation of the argument FileDirectory leads to absolute path traversal...

CVSS 4.3 · AI score 7.8 · EPSS 0.00786
Exploits 1 · References 3

CVE
added 2023/08/05 11:0 p.m. · 59 views

CVE-2023-4172

CVE-2023-4172 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The vulnerability arises from improper handling of the FileDirectory argument in the FileHandler.ashx (path/file processing), enabling absolute path traversal via a remote attack. Exploitation has been disclosed...

CVSS 7.5 · AI score 6 · EPSS 0.00786
Exploits 1 · References 3 · Affected Software 1

Positive Technologies
added 2023/08/05 12:0 a.m. · 5 views

PT-2023-28061 · Unknown · Chengdu Flash Flood Disaster Monitoring/Warning System

Name of the Vulnerable Software and Affected Versions: Chengdu Flash Flood Disaster Monitoring and Warning System version 2.0
Description: A problematic issue has been found in the system, affecting the file ServiceFileHandler.ashx. The manipulation of the FileDirectory argument leads to absolute...

CVSS 7.5 · AI score 7.1 · EPSS 0.00786
Exploits 1 · References 7

NVD
added 2023/07/20 3:15 p.m. · 28 views

CVE-2023-34968

A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the...

CVSS 5.3 · AI score 5.9 · EPSS 0.01185
Exploits 0 · References 11

RedhatCVE
added 2023/07/20 9:31 a.m. · 34 views

CVE-2023-34968

A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the...

CVSS 5.3 · AI score 5.9 · EPSS 0.01185
Exploits 0 · References 4

Github Security Blog
added 2023/07/19 3:30 a.m. · 43 views

MLflow Path Traversal vulnerability

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0...

CVSS 10 · AI score 7 · EPSS 0.70736
Exploits 1 · References 5 · Affected Software 1

OSV
added 2023/07/19 1:15 a.m. · 5 views

PYSEC-2023-308

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0...

CVSS 10 · AI score 9.5 · EPSS 0.70736
Exploits 1 · References 5

PyPA
added 2023/07/19 1:15 a.m. · 6 views

PYSEC-2023-308

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0...

CVSS 10 · AI score 6.8 · EPSS 0.70736
Exploits 1 · References 5 · Affected Software 1