Total
7723 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21251 | 1 Onedev Project | 1 Onedev | 2024-11-21 | 6.5 MEDIUM | 7.7 HIGH |
| OneDev is an all-in-one devops platform. In OneDev before version 4.0.3 there is a critical "zip slip" vulnerability. This issue may lead to arbitrary file write. The KubernetesResource REST endpoint untars user controlled data from the request body using TarUtils. TarUtils is a custom library method leveraging Apache Commons Compress. During the untar process, there are no checks in place to prevent an untarred file from traversing the file system and overriding an existing file. For a successful exploitation, the attacker requires a valid __JobToken__ which may not be possible to get without using any of the other reported vulnerabilities. But this should be considered a vulnerability in `io.onedev.commons.utils.TarUtils` since it lives in a different artifact and can affect other projects using it. This issue was addressed in 4.0.3 by validating paths in tar archive to only allow them to be in specified folder when extracted. | |||||
| CVE-2021-21234 | 1 Spring-boot-actuator-logview Project | 1 Spring-boot-actuator-logview | 2024-11-21 | 4.0 MEDIUM | 7.7 HIGH |
| spring-boot-actuator-logview in a library that adds a simple logfile viewer as spring boot actuator endpoint. It is maven package "eu.hinsch:spring-boot-actuator-logview". In spring-boot-actuator-logview before version 0.2.13 there is a directory traversal vulnerability. The nature of this library is to expose a log file directory via admin (spring boot actuator) HTTP endpoints. Both the filename to view and a base folder (relative to the logging folder root) can be specified via request parameters. While the filename parameter was checked to prevent directory traversal exploits (so that `filename=../somefile` would not work), the base folder parameter was not sufficiently checked, so that `filename=somefile&base=../` could access a file outside the logging base directory). The vulnerability has been patched in release 0.2.13. Any users of 0.2.12 should be able to update without any issues as there are no other changes in that release. There is no workaround to fix the vulnerability other than updating or removing the dependency. However, removing read access of the user the application is run with to any directory not required for running the application can limit the impact. Additionally, access to the logview endpoint can be limited by deploying the application behind a reverse proxy. | |||||
| CVE-2021-21102 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Illustrator version 25.2 (and earlier) is affected by a Path Traversal vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21090 | 2 Adobe, Microsoft | 2 Incopy, Windows | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe InCopy version 16.0 (and earlier) is affected by an path traversal vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21064 | 1 Magento | 2 Upward Connector, Upward Php | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| Magento UPWARD-php version 1.1.4 (and earlier) is affected by a Path traversal vulnerability in Magento UPWARD Connector version 1.1.2 (and earlier) due to the upload feature. An attacker could potentially exploit this vulnerability to upload a malicious YAML file that can contain instructions which allows reading arbitrary files from the remote server. Access to the admin console is required for successful exploitation. | |||||
| CVE-2021-21037 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Path Traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-20876 | 1 Groupsession | 1 Groupsession | 2024-11-21 | 4.0 MEDIUM | 6.8 MEDIUM |
| Path traversal vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows an attacker with an administrative privilege to obtain sensitive information stored in the hierarchy above the directory on the published site's server via unspecified vectors. | |||||
| CVE-2021-20796 | 1 Cybozu | 1 Remote Service Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to upload an arbitrary file via unspecified vectors. | |||||
| CVE-2021-20714 | 1 Wpfastestcache | 1 Wp Fastest Cache | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in WP Fastest Cache versions prior to 0.9.1.7 allows a remote attacker with administrator privileges to delete arbitrary files on the server via unspecified vectors. | |||||
| CVE-2021-20692 | 1 Eikisoft | 1 Archive Collectively Operation Utility | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| Directory traversal vulnerability in Archive collectively operation utility Ver.2.10.1.0 and earlier allows an attacker to create or overwrite files by leading a user to expand a malicious ZIP archives. | |||||
| CVE-2021-20669 | 1 Weseek | 1 Growi | 2024-11-21 | 6.5 MEDIUM | 4.7 MEDIUM |
| Path traversal vulnerability in GROWI versions v4.2.2 and earlier allows an attacker with administrator rights to read and/or delete an arbitrary path via a specially crafted URL. | |||||
| CVE-2021-20668 | 1 Weseek | 1 Growi | 2024-11-21 | 4.0 MEDIUM | 2.7 LOW |
| Path traversal vulnerability in GROWI versions v4.2.2 and earlier allows an attacker with administrator rights to read an arbitrary path via a specially crafted URL. | |||||
| CVE-2021-20661 | 1 Contec | 2 Sv-cpt-mc310, Sv-cpt-mc310 Firmware | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors. | |||||
| CVE-2021-20651 | 1 Elecom | 1 File Manager | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| Directory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to create an arbitrary file or overwrite an existing file in a directory which can be accessed with the application privileges via unspecified vectors. | |||||
| CVE-2021-20517 | 1 Ibm | 1 Websphere Application Server Nd | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| IBM WebSphere Application Server Network Deployment 8.5 and 9.0 could allow a remote authenticated attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to read and delete arbitrary files on the system. IBM X-Force ID: 198435. | |||||
| CVE-2021-20511 | 2 Docker, Ibm | 2 Docker, Security Verify Access | 2024-11-21 | 6.8 MEDIUM | 4.9 MEDIUM |
| IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 198300. | |||||
| CVE-2021-20354 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 194883. | |||||
| CVE-2021-20247 | 3 Debian, Fedoraproject, Mbsync Project | 4 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 1 more | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
| A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially crafted mailbox names containing '..' path components to access data outside the designated mailbox on the opposite end of the synchronization channel. The highest threat from this vulnerability is to data confidentiality and integrity. | |||||
| CVE-2021-20218 | 1 Redhat | 9 A-mq Online, Build Of Quarkus, Codeready Studio and 6 more | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
| A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability is to integrity and system availability. This has been fixed in kubernetes-client-4.13.2 kubernetes-client-5.0.2 kubernetes-client-4.11.2 kubernetes-client-4.7.2 | |||||
| CVE-2021-20206 | 1 Linuxfoundation | 1 Container Network Interface | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||