Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:12 p.m.11 views

CVE-2020-12265

The decompress package before 4.2.1 for Node.js is vulnerable to Arbitrary File Write via ../ in an archive member, when a symlink is used, because of Directory Traversal...

9.8CVSS6.7AI score0.02147EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.14 views

openSUSE: Security Advisory for salt (SUSE-SU-2024:0509-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS6.3AI score0.0083EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2023/12/13 1:24 p.m.24 views

Using the directory back payload (“/../”) in a package name allows placement of package in other folders.

Impact Backoffice users with permissions to create packages can use path traversal and thereby write outside of the expected location. Explanation of the vulnerability The “Package” section in Umbraco Backoffice allows a logged in user to write folders outside of the default package directory...

7.7CVSS6.4AI score0.00624EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/01/25 5:0 a.m.29 views

CVE-2022-25882

Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd"...

7.5CVSS7.6AI score0.01608EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2014/05/30 12:0 a.m.25 views

CVE-2014-3864

Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header line...

6.4CVSS5.9AI score0.02825EPSS
Exploits0References4
Rows per page
Query Builder