Total: 5025 CVEs
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-11348 | 1 Octopus | 2 Octopus Deploy, Octopus Server | 2022-07-27 | 6.3 MEDIUM | 5.7 MEDIUM |
In Octopus Deploy 3.x before 3.15.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted NuGet package, potentially overwriting other packages or modifying system files. This is a directory traversal in the PackageId value. | |||||
CVE-2022-30302 | 1 Fortinet | 1 Fortideceptor | 2022-07-27 | N/A | 8.1 HIGH |
Multiple relative path traversal vulnerabilities [CWE-23] in FortiDeceptor management interface 1.0.0 through 3.2.x, 3.3.0 through 3.3.2, 4.0.0 through 4.0.1 may allow a remote and authenticated attacker to retrieve and delete arbitrary files from the underlying filesystem via specially crafted web requests. | |||||
CVE-2022-30301 | 1 Fortinet | 1 Fortiap-u | 2022-07-27 | N/A | 6.7 MEDIUM |
A path traversal vulnerability [CWE-22] in FortiAP-U CLI 6.2.0 through 6.2.3, 6.0.0 through 6.0.4, 5.4.0 through 5.4.6 may allow an admin user to delete and access unauthorized files and data via specifically crafted CLI commands. | |||||
CVE-2022-26352 | 1 Dotcms | 1 Dotcms | 2022-07-25 | 6.8 MEDIUM | 9.8 CRITICAL |
An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows directory traversal, in which the file is saved outside of the intended storage location. If anonymous content creation is enabled, this allows an unauthenticated attacker to upload an executable file, such as a .jsp file, that can lead to remote code execution. | |||||
CVE-2019-20916 | 4 Debian, Opensuse, Oracle and 1 more | 5 Debian Linux, Leap, Communications Cloud Native Core Network Function Cloud Native Environment and 2 more | 2022-07-25 | 5.0 MEDIUM | 7.5 HIGH |
The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in _internal/download.py. | |||||
CVE-2021-41031 | 1 Fortinet | 1 Forticlient | 2022-07-25 | N/A | 7.8 HIGH |
A relative path traversal vulnerability [CWE-23] in FortiClient for Windows versions 7.0.2 and prior, 6.4.6 and prior and 6.2.9 and below may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for FortiESNAC service. | |||||
CVE-2022-20220 | 1 Google | 1 Android | 2022-07-25 | 7.2 HIGH | 7.8 HIGH |
In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12, Android-12L. Android ID: A-219015884 | |||||
CVE-2021-42021 | 1 Siemens | 6 Siveillance Video Dlna Server, Siveillance Video Management Software 2019 R1, Siveillance Video Management Software 2019 R2 and 3 more | 2022-07-25 | 5.0 MEDIUM | 7.5 HIGH |
A vulnerability has been identified in Siveillance Video DLNA Server (2019 R1), Siveillance Video DLNA Server (2019 R2), Siveillance Video DLNA Server (2019 R3), Siveillance Video DLNA Server (2020 R1), Siveillance Video DLNA Server (2020 R2), Siveillance Video DLNA Server (2020 R3), Siveillance Video DLNA Server (2021 R1). The affected application contains a path traversal vulnerability that could allow an attacker to read arbitrary files on the server that are outside the application's web document directory. An unauthenticated remote attacker could exploit this issue to access sensitive information for subsequent attacks. | |||||
CVE-2021-43555 | 1 Myscada | 1 Mydesigner | 2022-07-25 | 6.8 MEDIUM | 7.8 HIGH |
mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing files, resulting in remote code execution. | |||||
CVE-2022-31159 | 1 Amazon | 1 Aws-sdk-java | 2022-07-22 | N/A | 6.5 MEDIUM |
The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the `destinationDirectory` argument, but S3 object keys are determined by the application that uploaded the objects. The `downloadDirectory` method allows the caller to pass a filesystem object in the object key but contained an issue in the validation logic for the key name. A knowledgeable actor could bypass the validation logic by including a UNIX double-dot in the bucket key. Under certain conditions, this could permit them to retrieve a directory from their S3 bucket that is one level up in the filesystem from their working directory. This issue's scope is limited to directories whose name prefix matches the `destinationDirectory`. E.g. for destination directory `/tmp/foo`, the actor can cause a download to `/tmp/foo-bar`, but not `/tmp/bar`. If `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory` is used to download an untrusted bucket's contents, the contents of that bucket can be written outside of the intended destination directory. Version 1.12.261 contains a patch for this issue. As a workaround, when calling `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory`, pass a `KeyFilter` that forbids `S3ObjectSummary` objects whose `getKey` method returns a string containing the substring `..`. | |||||
CVE-2022-31202 | 1 Monitoringsoft | 1 Softguard Web | 2022-07-21 | N/A | 6.5 MEDIUM |
The export function in SoftGuard Web (SGW) before 5.1.5 allows directory traversal to read an arbitrary local file via export or man.tcl. | |||||
CVE-2021-21909 | 1 Garrett | 2 Ic Module, Ic Module Firmware | 2022-07-21 | 5.5 MEDIUM | 8.1 HIGH |
Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log file delete command. An attacker can provide malicious inputs to trigger this vulnerability. | |||||
CVE-2021-21908 | 1 Garrett | 2 Ic Module, Ic Module Firmware | 2022-07-21 | 5.5 MEDIUM | 6.5 MEDIUM |
Specially-crafted command line arguments can lead to arbitrary file deletion. The handle_delete function does not attempt to sanitize or otherwise validate the contents of the [file] parameter (passed to the function as argv[1]), allowing an authenticated attacker to supply directory traversal primitives and delete semi-arbitrary files. | |||||
CVE-2022-35410 | 2 0xacab, Debian | 2 Mat2, Debian Linux | 2022-07-20 | 5.0 MEDIUM | 7.5 HIGH |
mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive. | |||||
CVE-2022-31558 | 1 Shiva-server Project | 1 Shiva-server | 2022-07-16 | 6.4 MEDIUM | 9.3 CRITICAL |
The tooxie/shiva-server repository through 0.10.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
CVE-2022-31532 | 1 Travel Blahg Project | 1 Travel Blahg | 2022-07-16 | 6.4 MEDIUM | 9.3 CRITICAL |
The dankolbman/travel_blahg repository through 2016-01-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
CVE-2022-31557 | 1 Golem Project | 1 Golem | 2022-07-16 | 6.4 MEDIUM | 9.3 CRITICAL |
The seveas/golem repository through 2016-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
CVE-2022-31530 | 1 Csm Server Project | 1 Csm Server | 2022-07-16 | 6.4 MEDIUM | 9.3 CRITICAL |
The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
CVE-2022-31531 | 1 Dainst | 1 Cilantro | 2022-07-16 | 6.4 MEDIUM | 9.3 CRITICAL |
The dainst/cilantro repository through 0.0.4 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
CVE-2022-31588 | 1 Testplatform Project | 1 Testplatform | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
The zippies/testplatform repository through 2016-07-19 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. |
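Two bug classes recur in the entries above: absolute-path traversal, where a Flask handler passes a user-controlled path straight to `send_file` (CVE-2022-31558, CVE-2022-31532, CVE-2022-31557, CVE-2022-31530, CVE-2022-31531, CVE-2022-31588), and partial-path traversal, where a containment check compares path strings by prefix and so accepts `/tmp/foo-bar` for a destination of `/tmp/foo` (CVE-2022-31159). The following is an added example written for this page; it is not code from Flask or Werkzeug, from any of the listed repositories, or from the AWS SDK. It shows why `os.path.join` alone and a `startswith` check both fail, and a component-wise containment check that rejects both inputs. The directory and file names are constructed for the demonstration.

```python
"""Resolving an untrusted path under a base directory: two bypasses and a fix.

Added example; not code from Flask/Werkzeug, the Flask repositories listed
above, or the AWS SDK for Java. It models two bug classes from the entries:
  * absolute-path traversal (the Flask send_file entries): os.path.join()
    discards the base when the untrusted component is absolute, so a bare
    send_file(user_supplied_path) serves any readable file;
  * partial-path traversal (CVE-2022-31159): a string-prefix check such as
    resolved.startswith(dest_dir) accepts "/tmp/foo-bar" for dest_dir "/tmp/foo".
Directory names used here are constructed for the demo.
"""
import os
import posixpath


def join_naive(base: str, untrusted: str) -> str:
    """Vulnerable: os.path.join() drops `base` entirely when `untrusted` is absolute."""
    return os.path.normpath(os.path.join(base, untrusted))


def is_within_prefix_check(base: str, candidate: str) -> bool:
    """Vulnerable containment check: plain string prefix comparison."""
    return os.path.normpath(candidate).startswith(os.path.normpath(base))


def is_within(base: str, candidate: str) -> bool:
    """Correct containment check: compare whole path components, not characters."""
    base_abs = os.path.normpath(os.path.abspath(base))
    cand_abs = os.path.normpath(os.path.abspath(candidate))
    try:
        return os.path.commonpath([base_abs, cand_abs]) == base_abs
    except ValueError:  # e.g. paths on different drives on Windows
        return False


def safe_join(base: str, untrusted: str) -> str:
    """Join `untrusted` under `base`, raising ValueError if it would escape.

    Same contract as werkzeug.security.safe_join / Flask's send_from_directory:
    absolute inputs, ".." segments and sibling-prefix tricks are all rejected.
    """
    rel = untrusted.replace("\\", "/")  # treat both separator styles as separators
    if posixpath.isabs(rel):
        raise ValueError(f"absolute path rejected: {untrusted!r}")
    if ".." in rel.split("/"):
        raise ValueError(f"parent reference rejected: {untrusted!r}")
    dest = os.path.normpath(os.path.join(base, rel))
    if not is_within(base, dest):  # defence in depth: re-check the resolved result
        raise ValueError(f"escapes {base!r}: {untrusted!r}")
    return dest


def rejects(base: str, untrusted: str) -> bool:
    """True if safe_join refuses the input (used by the demo below)."""
    try:
        safe_join(base, untrusted)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Absolute-path traversal through a bare send_file()-style join.
    print(join_naive("/srv/media", "/etc/passwd"))  # /etc/passwd
    # Partial-path traversal: an object key climbing into a sibling directory.
    target = join_naive("/tmp/foo", "../foo-bar/payload")  # /tmp/foo-bar/payload
    print(target, is_within_prefix_check("/tmp/foo", target), is_within("/tmp/foo", target))
    print(safe_join("/srv/media", "albums/track.mp3"), rejects("/srv/media", "../../etc/passwd"))
```

Two caveats: `is_within` compares lexically normalised paths, so if the base directory may contain symlinks pointing outside itself, resolve both sides with `os.path.realpath` before comparing; and the same component-wise rule applies in Java, where `Path.normalize()` followed by `Path.startsWith(Path)` compares path elements, whereas `String.startsWith` on the textual form reproduces the prefix bug in CVE-2022-31159.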
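The pip entry (CVE-2019-20916) is a different shape of the same problem: the untrusted path arrives in an HTTP `Content-Disposition` header rather than in a URL, and the download client joins the header's filename onto its download directory. The following added example, written for this page and not pip's own code, parses the header with the standard library, shows the vulnerable join, and then a hardened version that keeps only the final path component and verifies the result is a direct child of the download directory. The header value and directory are constructed for the demonstration.

```python
"""Deriving a local filename from a server-controlled Content-Disposition header.

Added example, not pip's code. It models the bug class behind CVE-2019-20916:
a download client that joins the filename from the response header directly
onto its download directory, so "../" segments in that filename escape it.
The header value and download directory below are constructed for the demo.
"""
import os
import posixpath
from email.message import Message
from typing import Optional


def content_disposition_filename(header_value: str) -> Optional[str]:
    """Return the raw `filename` parameter of a Content-Disposition value, or None.

    email.message.Message already implements the parameter grammar (quoting,
    RFC 2231 continuations), so it is reused instead of a hand-rolled regex.
    """
    msg = Message()
    msg["Content-Disposition"] = header_value
    return msg.get_filename()


def sanitize_filename(raw: Optional[str], default: str = "download") -> str:
    """Keep only the final path component; both separator styles count as separators."""
    if not raw:
        return default
    raw = raw.replace("\x00", "")  # a NUL would truncate the name at the OS layer
    name = posixpath.basename(raw.replace("\\", "/")).strip()
    if name in ("", ".", ".."):
        return default
    return name


def unsafe_download_path(download_dir: str, header_value: str) -> str:
    """Vulnerable pattern: the header's filename is trusted verbatim."""
    filename = content_disposition_filename(header_value) or "download"
    return os.path.normpath(os.path.join(download_dir, filename))


def safe_download_path(download_dir: str, header_value: str) -> str:
    """Hardened pattern: sanitise, then verify the result is a direct child of download_dir."""
    filename = sanitize_filename(content_disposition_filename(header_value))
    dest = os.path.join(download_dir, filename)
    if os.path.normpath(os.path.dirname(dest)) != os.path.normpath(download_dir):
        raise ValueError(f"refusing to write outside {download_dir!r}: {dest!r}")
    return dest


if __name__ == "__main__":
    # Constructed malicious header, modelled on the authorized_keys overwrite in the CVE text.
    evil = 'attachment; filename="../../root/.ssh/authorized_keys"'
    print("unsafe:", unsafe_download_path("/tmp/pip-downloads", evil))  # /root/.ssh/authorized_keys
    print("safe:  ", safe_download_path("/tmp/pip-downloads", evil))    # /tmp/pip-downloads/authorized_keys
```

The final `dirname` comparison is deliberately redundant with `sanitize_filename`: if a future change to the sanitiser lets a separator through, the write is still refused rather than redirected.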