Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:57 a.m.9 views

CVE-2024-41765

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

6.5CVSS6.8AI score0.00587EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:30 a.m.10 views

Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted

Summary Software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a...

6.5CVSS6.8AI score0.00587EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/01/04 3:15 p.m.21 views

CVE-2024-41765

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

6.5CVSS0.00587EPSS
Exploits0References1
Circl
Circl
added 2025/01/04 2:42 p.m.14 views

CVE-2024-41765

creationtimestamp| type| source ---|---|--- 2025-01-04 14:42:22+00:00| seen| https://infosec.exchange/users/cve/statuses/113770603403534386 2025-01-04 15:15:35+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lewfitjb4o22 2025-01-04 17:16:05+00:00| seen|...

6.5CVSS4.8AI score0.00587EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/01/04 2:36 p.m.16 views

CVE-2024-41765 IBM Engineering Lifecycle Optimization - Publishing directory traversal

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

6.5CVSS6.8AI score0.00587EPSS
Exploits0References1
Rows per page
Query Builder