CVE-2023-25186

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from a Nokia Single RAN BTS baseband unit, a directory path traversal in the Nokia BTS baseband unit diagnostic tool AaShell which is by default disabled...

EUVD-2017-16289

Malware in sbrugna...

EUVD-2023-29150

Malicious code in bioql PyPI...

WebFileSys 2.31.0 - Directory Path Traversal

Exploit Title: WebFileSys 2.31.0 - Directory Path Traversal in relPath Parameter Date: Nov 25, 2024 Exploit Author: Korn Chaisuwan, Charanin Thongudom, Pongtorn Angsuchotmetee Vendor Homepage: http://www.webfilesys.de/webfilesys-home/index.html Software Link:...

ROS-20250203-04

A vulnerability in the rsyncd daemon of the Rsync file transfer and synchronization utility is related to an operation exceeding the buffer boundaries in memory as a result of incorrect comparison of file checksums. Exploitation exploitation of the vulnerability could allow a remote intruder to...

CVE-2023-51401

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Relative Path Traversal.This issue affects Ultimate Addons for Beaver Builder: from n/a through 1.35.13...

CVE-2023-40280

An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp...

CVE-2023-40279

An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to main.do...

CVE-2023-40280

OpenClinic GA 5.247.01 is affected by CVE-2023-40280 due to a directory path traversal via the Page parameter in a GET request to popup.jsp. The issue is described consistently across sources (NVD/Red Hat/CNNVD/CVE List), with an attack vector described as network-accessible and a high impact in ...

CVE-2023-4616 thumbnail Directory Path Traversal Allows Unauthenticated Arbitrary File Read Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validati...

CVE-2023-4614 setThumbnailRC Directory Path Traversal Allows Unauthenticated Arbitrary File Read Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/installation/setThumbnailRc endpoint. The issue results from the lack of prope...

CVE-2023-4614 setThumbnailRC Directory Path Traversal Allows Unauthenticated Arbitrary File Read Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/installation/setThumbnailRc endpoint. The issue results from the lack of prope...

CVE-2023-25186

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from a Nokia Single RAN BTS baseband unit, a directory path traversal in the Nokia BTS baseband unit diagnostic tool AaShell which is by default disabled...

Path traversal

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from a Nokia Single RAN BTS baseband unit, a directory path traversal in the Nokia BTS baseband unit diagnostic tool AaShell which is by default disabled...

CVE-2023-25186

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from a Nokia Single RAN BTS baseband unit, a directory path traversal in the Nokia BTS baseband unit diagnostic tool AaShell which is by default disabled...

CVE-2023-25186

CVE-2023-25186 affects Nokia Airscale ASIKA Single RAN devices prior to 21B. A directory traversal in the AaShell diagnostic tool can expose the BTS baseband unit internal filesystem if security hardenings are removed by a CSP BTS administrator, with AaShell by default disabled. Impact described ...

FANUC ROBOGUIDE-HandlingPRO

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: FANUC Equipment: ROBOGUIDE-HandlingPRO Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read and/or overwrite files on the system running the affected...

CVE-2022-31255 SUMA/UYUNI directory path traversal vulnerability in CobblerSnipperViewAction

An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to read files...

CVE-2018-0405

A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted device. The issue is due...

CVE-2018-0405 Cisco RV180W Wireless-N Multifunction VPN Router Directory Path Traversal Vulnerability

A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted device. The issue is due...