
9 matches found

CVE
added 2024/10/09 6:26 p.m. | 54 views

CVE-2024-7038

CVE-2024-7038 describes an information disclosure in open-webui v0.3.8 where the embedding model update feature under admin settings reveals different error messages based on file existence/configuration. This enables an attacker to enumerate file names and traverse directories, exposing sensitiv...

CVSS 2.7 | AI score 3.2 | EPSS 0.00336
Exploits: 1 | References: 1 | Affected Software: 1
Vulnrichment
added 2024/06/13 6:31 a.m. | 23 views

CVE-2024-4576 TIBCO EBX File Inclusion Vulnerability

The component listed above contains a vulnerability that allows an attacker to traverse directories and access sensitive files, leading to unauthorized disclosure of system configuration and potentially sensitive information...

AI score 6.6 | EPSS 0.00474
Exploits: 0 | References: 1
NVD
added 2023/09/08 8:15 p.m. | 16 views

CVE-2022-33164

IBM Security Directory Server 7.2.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view or write to arbitrary files on the system. IBM X-Force ID: 228579...

CVSS 9.1 | AI score 8.7 | EPSS 0.01476
Exploits: 0 | References: 2
IBM Security Bulletins
added 2023/06/28 2:16 p.m. | 29 views

Security Bulletin: There is a vulnerability in JSZip used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-48285)

Summary There is a vulnerability in JSZip used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-48285 DESCRIPTION: JSZip could allow a remote attacker to traverse directories on the system, caused by the failure to sanitize filenames when file...

CVSS 7.3 | AI score 7.6 | EPSS 0.01411
Exploits: 0 | Affected Software: 1
RedhatCVE
added 2023/01/31 5:35 a.m. | 92 views

CVE-2022-48285

A flaw was found in the JSZip package. Affected versions of JSZip could allow a remote attacker to traverse directories on the system caused by the failure to sanitize filenames when files are loaded with loadAsync, which makes the library vulnerable to a Zip Slip attack. By extracting files from...

CVSS 7.3 | AI score 4.7 | EPSS 0.01411
Exploits: 0 | References: 7
IBM Security Bulletins
added 2022/08/30 4:41 p.m. | 34 views

Security Bulletin: IBM TRIRIGA Application Platform discloses CVE-2020-25020

Summary IBM TRIRIGA Application Platform discloses CVE-2020-25020 Vulnerability Details CVEID:CVE-2020-25020 DESCRIPTION: MPXJ could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity (XXE) declarations by the GanttProjectReader and...

CVSS 9.8 | AI score 7.2 | EPSS 0.02591
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2019/06/03 10:45 a.m. | 34 views

Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method (CVE-2019-3880)

Summary A Samba vulnerability affects IBM Spectrum Scale SMB protocol access method that could allow a remote authenticated attacker to traverse a symbolic link on the system and write files outside the SMB share. Vulnerability Details This vulnerability only affects systems having SMB1 and...

CVSS 5.5 | AI score 0.5 | EPSS 0.03392
Exploits: 0 | Affected Software: 1
OpenVAS
added 2019/02/07 12:0 a.m. | 31 views

LibreOffice RCE Vulnerability (Feb 2019) - Windows

LibreOffice is prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 9.8 | AI score 9.3 | EPSS 0.67547
Exploits: 10 | References: 1
Cvelist
added 2018/01/26 9:0 p.m. | 19 views

CVE-2017-1279

IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 124757...

AI score 6.3 | EPSS 0.01855
Exploits: 0 | References: 2