Total
5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7816 | 2 Microsoft, Redhat | 2 Windows, Undertow | 2015-03-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.17, 1.1.x before 1.1.0.CR5, and 1.2.x before 1.2.0.Beta3, when running on Windows, allows remote attackers to read arbitrary files via a .. (dot dot) in a resource URI. | |||||
| CVE-2014-9282 | 1 Speed Software | 2 Explorer, Root Explorer | 2015-02-25 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Speed Root Explorer application before 3.2 for Android and the Speed Explorer application before 2.2 for Android allows remote attackers to write to arbitrary files via a crafted filename. | |||||
| CVE-2015-0878 | 1 Almail | 1 Al-mail32 | 2015-02-20 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in CREAR AL-Mail32 before 1.13d allows remote attackers to write to arbitrary files via a crafted filename of an attachment. | |||||
| CVE-2014-9375 | 1 Lexmark | 1 Markvision Enterprise | 2015-02-17 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. (dot dot) in a file path in a ZIP archive. | |||||
| CVE-2014-9372 | 1 Manageengine | 1 Password Manager Pro | 2015-02-17 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the UploadAccountActivities servlet in ManageEngine Password Manager Pro (PMP) before 7103 allows remote attackers to delete arbitrary files via a .. (dot dot) in a filename. | |||||
| CVE-2015-1577 | 1 Yuba | 1 U5cms | 2015-02-12 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in u5admin/deletefile.php in u5CMS before 3.9.4 allows remote attackers to write to arbitrary files via a (1) .. (dot dot) or (2) full pathname in the f parameter. | |||||
| CVE-2014-0605 | 1 Attachmate | 1 Reflection Ftp Client | 2015-02-09 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to the SaveSettings method. | |||||
| CVE-2014-0604 | 1 Attachmate | 1 Reflection Ftp Client | 2015-02-09 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to the StartLog method. | |||||
| CVE-2015-1193 | 1 Pax Project | 1 Pax | 2015-01-23 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in pax 1:20140703 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive. | |||||
| CVE-2015-1192 | 1 Kgb Project | 1 Kgb | 2015-01-23 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in kgb 1.0b4 allows remote attackers to write to arbitrary files via a full pathname in a crafted archive. | |||||
| CVE-2015-0867 | 1 Synck Graphica | 1 Download Log Cgi | 2015-01-23 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in SYNCK GRAPHICA Download Log CGI 3.0 and earlier allows remote attackers to read arbitrary files via a crafted filename. | |||||
| CVE-2014-100033 | 1 Licensepal | 1 Arcticdesk | 2015-01-14 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in LicensePal ArcticDesk before 1.2.5 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2014-9581 | 1 Codiad | 1 Codiad | 2015-01-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in components/filemanager/download.php in Codiad 2.4.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter. NOTE: this issue was originally incorrectly mapped to CVE-2014-1137; see CVE-2014-1137 for more information. | |||||
| CVE-2014-9389 | 1 Sonatype | 1 Nexus | 2015-01-06 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Sonatype Nexus OSS and Pro before 2.11.1-01 allows remote attackers to read or write to arbitrary files via unspecified vectors. | |||||
| CVE-2014-9461 | 1 Reality66 | 1 Cart66 Lite | 2015-01-05 | 3.5 LOW | N/A |
| Directory traversal vulnerability in models/Cart66.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to read arbitrary files via a .. (dot dot) in the member_download action to wp-admin/admin-ajax.php. | |||||
| CVE-2011-5310 | 1 Cherry-design | 1 Wikipad | 2015-01-02 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. | |||||
| CVE-2013-3295 | 1 Exponentcms | 1 Exponent Cms | 2014-12-30 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in install/popup.php in Exponent CMS before 2.2.0 RC1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2014-2217 | 1 Telerik | 1 Ui For Asp.net Ajax | 2014-12-29 | 7.5 HIGH | N/A |
| Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value. | |||||
| CVE-2014-9373 | 1 Manageengine | 1 Netflow Analyzer | 2014-12-17 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the CollectorConfInfoServlet servlet in ManageEngine NetFlow Analyzer allows remote attackers to execute arbitrary code via a .. (dot dot) in the filename. | |||||
| CVE-2014-5359 | 1 Safenet-inc | 1 Safenet Authentication Service Outlook Web Access Agent | 2014-12-17 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in SafeNet Authentication Service (SAS) Outlook Web Access Agent (formerly CRYPTOCard) before 1.03.30109 allows remote attackers to read arbitrary files via a .. (dot dot) in the GetFile parameter to owa/owa. | |||||