Total
5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-7603 | 1 Konicaminolta | 1 Ftp Utility | 2015-09-30 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in Konica Minolta FTP Utility 1.0 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in a RETR command. | |||||
| CVE-2015-0666 | 1 Cisco | 1 Prime Data Center Network Manager | 2015-09-29 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241. | |||||
| CVE-2015-6459 | 1 Ge | 1 Mds Pulsenet | 2015-09-23 | 10.0 HIGH | N/A |
| Absolute path traversal vulnerability in the download feature in FileDownloadServlet in GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 allows remote attackers to read or delete arbitrary files via a full pathname. | |||||
| CVE-2015-5638 | 1 Dena | 1 H20 | 2015-09-23 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in H2O before 1.4.5 and 1.5.x before 1.5.0-beta2, when the file.dir directive is enabled, allows remote attackers to read arbitrary files via a crafted URL. | |||||
| CVE-2015-7237 | 1 Mcafee | 1 Mcafee Agent | 2015-09-22 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the remote log viewing functionality in McAfee Agent (MA) 5.x before 5.0.2 allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2015-5472 | 1 Ibs Mappro Project | 1 Ibs Mappro | 2015-09-16 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in lib/download.php in the IBS Mappro plugin before 1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter. | |||||
| CVE-2014-2145 | 1 Cisco | 1 Unity Connection | 2015-09-16 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID CSCun91071. | |||||
| CVE-2015-6914 | 1 Mindbite | 1 Sitefactory Cms | 2015-09-14 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in SiteFactory CMS 5.5.9 allows remote attackers to read arbitrary files via a full pathname in the file parameter to assets/download.aspx. | |||||
| CVE-2015-2990 | 1 Neojapan | 1 Desknet Neo | 2015-09-11 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in zhtml.cgi in NEOJAPAN desknet NEO 2.0R1.0 through 2.5R1.4 allows remote authenticated users to read arbitrary files via a crafted parameter. | |||||
| CVE-2015-5688 | 1 Geddyjs | 1 Geddy | 2015-09-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the default URI. | |||||
| CVE-2015-4289 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2015-09-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.0(2049) allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920. | |||||
| CVE-2015-4425 | 1 Pimcore | 1 Pimcore | 2015-08-19 | 4.9 MEDIUM | N/A |
| Directory traversal vulnerability in pimcore before build 3473 allows remote authenticated users with the "assets" permission to create or write to arbitrary files via a .. (dot dot) in the dir parameter to admin/asset/add-asset-compatibility. | |||||
| CVE-2014-2210 | 1 Ca | 1 Erwin Web Portal | 2015-08-13 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in CA ERwin Web Portal 9.5 allow remote attackers to obtain sensitive information, bypass intended access restrictions, cause a denial of service, or possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2014-0820 | 1 Cybozu | 1 Garoon | 2015-08-13 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors. | |||||
| CVE-2014-1973 | 1 Nextapp | 1 File Explorer | 2015-08-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the NextApp File Explorer application before 2.1.0.3 for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename. | |||||
| CVE-2014-1975 | 1 R-company | 1 Unzipper | 2015-07-30 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in the R-Company Unzipper application 1.0.1 and earlier for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename. | |||||
| CVE-2014-5319 | 1 S-link | 1 Slfilemanager | 2015-07-29 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the S-Link SLFileManager application 1.2.5 and earlier for Android allows remote attackers to write to files via unspecified vectors. | |||||
| CVE-2014-2314 | 2 Atlassian, Microsoft | 2 Jira, Windows | 2015-07-29 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA before 6.0.4 allows remote attackers to create arbitrary files via unspecified vectors. | |||||
| CVE-2014-1843 | 1 Southrivertech | 1 Titan Ftp Server | 2015-07-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter. | |||||
| CVE-2014-1842 | 1 Southrivertech | 1 Titan Ftp Server | 2015-07-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value. | |||||