Total
7108 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-11413 | 1 Bearadmin Project | 1 Bearadmin | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in BearAdmin 0.5. Remote attackers can download arbitrary files via /admin/databack/download.html?name= directory traversal sequences, as demonstrated by name=../application/database.php to read the MySQL credentials in the configuration. | |||||
| CVE-2018-11344 | 1 Asustor | 2 As6202t, As6202t Firmware | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A path traversal vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to arbitrarily specify a file on the system to download via the file1 parameter. | |||||
| CVE-2018-11342 | 1 Asustor | 2 As6202t, As6202t Firmware | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| A path traversal vulnerability in fileExplorer.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to arbitrarily specify a path to a file on the system to create folders via the dest_folder parameter. | |||||
| CVE-2018-11341 | 1 Asustor | 2 As6202t, As6202t Firmware | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Directory traversal in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to navigate the file system via the filename parameter. | |||||
| CVE-2018-11319 | 2 Debian, Syntastic Project | 2 Debian Linux, Syntastic | 2024-11-21 | 8.5 HIGH | 7.5 HIGH |
| Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a directory that is a parent of the base directory of the project being checked. NOTE: exploitation is more difficult after 3.8.0 because filename prediction may be needed. | |||||
| CVE-2018-11248 | 1 Liulishuo | 1 Filedownloader | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an attachment's name. If an attacker places "../" in the file name, the file can be stored in an unintended directory because of Directory Traversal. | |||||
| CVE-2018-11235 | 5 Canonical, Debian, Git-scm and 2 more | 9 Ubuntu Linux, Debian Linux, Git and 6 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because submodule "names" are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with "../" in a name. Finally, post-checkout hooks from a submodule are executed, bypassing the intended design in which hooks are not obtained from a remote server. | |||||
| CVE-2018-11141 | 1 Quest | 1 Kace System Management Appliance | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/adminui/advisory.php' script in the Quest KACE System Management Virtual Appliance 8.0.318 can be abused to write and delete files respectively via Directory Traversal. Files can be at any location where the 'www' user has write permissions. | |||||
| CVE-2018-11137 | 1 Quest | 1 Kace System Management Appliance | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| The 'checksum' parameter of the '/common/download_attachment.php' script in the Quest KACE System Management Appliance 8.0.318 can be abused to read arbitrary files with 'www' privileges via Directory Traversal. No administrator privileges are needed to execute this script. | |||||
| CVE-2018-11051 | 1 Emc | 1 Rsa Certificate Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| RSA Certificate Manager Versions 6.9 build 560 through 6.9 build 564 contain a path traversal vulnerability in the RSA CMP Enroll Server and the RSA REST Enroll Server. A remote unauthenticated attacker could potentially exploit this vulnerability by manipulating input parameters of the application to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. | |||||
| CVE-2018-10956 | 3 Ipconfigure, Linux, Microsoft | 3 Orchid Core Vms, Linux Kernel, Windows | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal. | |||||
| CVE-2018-10926 | 4 Debian, Gluster, Opensuse and 1 more | 6 Debian Linux, Glusterfs, Leap and 3 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node. | |||||
| CVE-2018-10917 | 1 Pulpproject | 1 Pulp | 2024-11-21 | 4.0 MEDIUM | 6.8 MEDIUM |
| pulp 2.16.x and possibly older is vulnerable to an improper path parsing. A malicious user or a malicious iso feed repository can write to locations accessible to the 'apache' user. This may lead to overwrite of published content on other iso repositories. | |||||
| CVE-2018-10897 | 2 Redhat, Rpm | 5 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation and 2 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected. | |||||
| CVE-2018-10870 | 1 Redhat | 2 Certification, Enterprise Linux | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. A remote attacker could use this flaw to overwrite any file, potentially gaining remote code execution. | |||||
| CVE-2018-10862 | 1 Redhat | 4 Enterprise Linux, Jboss Enterprise Application Platform, Virtualization and 1 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability. | |||||
| CVE-2018-10860 | 3 Canonical, Debian, Perl-archive-zip Project | 3 Ubuntu Linux, Debian Linux, Perl-archive-zip | 2024-11-21 | 6.4 MEDIUM | 5.4 MEDIUM |
| perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter. | |||||
| CVE-2018-10824 | 1 Dlink | 15 Dir-140l, Dir-140l Firmware, Dir-640l and 12 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. The administrative password is stored in plaintext in the /tmp/csman/0 file. An attacker having a directory traversal (or LFI) can easily get full router access. | |||||
| CVE-2018-10822 | 1 Dlink | 15 Dir-140l, Dir-140l Firmware, Dir-640l and 12 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in the web interface on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices allows remote attackers to read arbitrary files via a /.. or // after "GET /uir" in an HTTP request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-6190. | |||||
| CVE-2018-10615 | 1 Ge | 1 Mds Pulsenet | 2024-11-21 | 6.5 MEDIUM | 8.1 HIGH |
| Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform. | |||||