Total
7723 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-4722 | 1 Ipswitch | 1 Tftp Server | 2025-04-12 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation. | |||||
| CVE-2016-6038 | 1 Ibm | 1 Aix | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in Eclipse Help in IBM Tivoli Lightweight Infrastructure (aka LWI), as used in AIX 5.3, 6.1, and 7.1, allows remote authenticated users to read arbitrary files via a crafted URL. | |||||
| CVE-2015-5065 | 1 Intelligent-it | 1 Paypal Currency Converter Basic For Woocommerce | 2025-04-12 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in proxy.php in the google currency lookup in the Paypal Currency Converter Basic For WooCommerce plugin before 1.4 for WordPress allows remote attackers to read arbitrary files via a full pathname in the requrl parameter. | |||||
| CVE-2008-3277 | 2 Openfabrics, Redhat | 2 Ibutils, Enterprise Linux | 2025-04-12 | 4.4 MEDIUM | N/A |
| Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse program in refix/lib/, related to an incorrect RPATH setting in the ELF header. | |||||
| CVE-2015-1195 | 1 Openstack | 1 Image Registry And Delivery Service \(glance\) | 2025-04-12 | 6.5 MEDIUM | N/A |
| The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.1.4 and 2014.2.x before 2014.2.2 allows remote authenticated users to read or delete arbitrary files via a full pathname in a filesystem: URL in the image location property. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-9493. | |||||
| CVE-2015-1000005 | 1 Candidate-application-form Project | 1 Candidate-application-form | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| Remote file download vulnerability in candidate-application-form v1.0 wordpress plugin | |||||
| CVE-2016-1231 | 3 Debian, Fedoraproject, Prosody | 3 Debian Linux, Fedora, Prosody | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
| Directory traversal vulnerability in the HTTP file-serving module (mod_http_files) in Prosody 0.9.x before 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) in an unspecified path. | |||||
| CVE-2016-4004 | 1 Dell | 1 Openmanage Server Administrator | 2025-04-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| Directory traversal vulnerability in Dell OpenManage Server Administrator (OMSA) 8.2 allows remote authenticated administrators to read arbitrary files via a ..\ (dot dot backslash) in the file parameter to ViewFile. | |||||
| CVE-2016-6232 | 2 Canonical, Kde | 2 Ubuntu Linux, Karchives | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads. | |||||
| CVE-2014-9234 | 1 D-link | 2 Dcs-2103 Hd Cube Network Camera, Dcs-2103 Hd Cube Network Camera Firmware | 2025-04-12 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in cgi-bin/sddownload.cgi in D-link IP camera DCS-2103 with firmware 1.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2014-6154 | 3 Ibm, Linux, Microsoft | 3 Optim Performance Manager, Linux Kernel, Windows | 2025-04-12 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in IBM Optim Performance Manager for DB2 4.1.0.1 through 4.1.1 on Linux, UNIX, and Windows and IBM InfoSphere Optim Performance Manager for DB2 5.1 through 5.3.1 on Linux, UNIX, and Windows allows remote attackers to access arbitrary files via a .. (dot dot) in a URL. | |||||
| CVE-2015-4641 | 2 Samsung, Swiftkey | 5 Galaxy S4, Galaxy S4 Mini, Galaxy S5 and 2 more | 2025-04-12 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices allows remote web servers to write to arbitrary files, and consequently execute arbitrary code in a privileged context, by leveraging control of the skslm.swiftkey.net domain name and providing a .. (dot dot) in an entry in a ZIP archive, as demonstrated by a traversal to the /data/dalvik-cache directory. | |||||
| CVE-2013-3514 | 1 Openx | 1 Openx | 2025-04-12 | 4.3 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in OpenX before 2.8.10 revision 82710 allow remote administrators to read arbitrary files via a .. (dot dot) in the group parameter to (1) plugin-preferences.php or (2) plugin-settings.php in www/admin, a different vulnerability than CVE-2013-7376. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to read arbitrary files. | |||||
| CVE-2015-5353 | 1 Novius-os | 1 Novius Os | 2025-04-12 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tab parameter to admin/. | |||||
| CVE-2015-0779 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-12 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323 and CVE-2010-5324. | |||||
| CVE-2015-8564 | 1 Joomla | 1 Joomla\! | 2025-04-12 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Joomla! 3.4.x before 3.4.6 allows remote attackers to have unspecified impact via directory traversal sequences in the XML install file in an extension package archive. | |||||
| CVE-2014-0605 | 1 Attachmate | 1 Reflection Ftp Client | 2025-04-12 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to the SaveSettings method. | |||||
| CVE-2014-4937 | 1 Bookx Plugin Project | 1 Bookx | 2025-04-12 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in includes/bookx_export.php BookX plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2014-1969 | 1 Apps4u\@android | 1 Sd Card Manager | 2025-04-12 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename. | |||||
| CVE-2013-4054 | 1 Ibm | 1 Websphere Mq | 2025-04-12 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in WMQ Telemetry in IBM WebSphere MQ 7.5 before 7.5.0.3 allows remote attackers to read arbitrary files via a crafted URI. | |||||