Total
9364 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-4577 | 1 Websupporter | 1 Wp Amasin - The Amazon Affiliate Shop | 2025-04-12 | N/A |
| Absolute path traversal vulnerability in reviews.php in the WP AmASIN - The Amazon Affiliate Shop plugin 0.9.6 and earlier for WordPress allows remote attackers to read arbitrary files via a full pathname in the url parameter. | ||||
| CVE-2014-1715 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2025-04-12 | N/A |
| Directory traversal vulnerability in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows has unspecified impact and attack vectors. | ||||
| CVE-2014-1970 | 2 Estrongs, Google | 2 Es File Explorer, Android | 2025-04-12 | N/A |
| Directory traversal vulnerability in the ES File Explorer File Manager application before 3.0.4 for Android allows remote attackers to overwrite or create arbitrary files via unspecified vectors. | ||||
| CVE-2014-5393 | 1 Sos | 1 Jobscheduler | 2025-04-12 | N/A |
| Directory traversal vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote authenticated users with the info permission to read arbitrary files in the webroot via unspecified vectors. | ||||
| CVE-2014-9375 | 1 Lexmark | 1 Markvision Enterprise | 2025-04-12 | N/A |
| Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. (dot dot) in a file path in a ZIP archive. | ||||
| CVE-2011-4821 | 1 Dlink | 2 Dir-601, Dir-601 Firmware | 2025-04-12 | N/A |
| Directory traversal vulnerability in the TFTP server in D-Link DIR-601 Wireless N150 Home Router with firmware 1.02NA allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2015-5688 | 1 Geddyjs | 1 Geddy | 2025-04-12 | N/A |
| Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the default URI. | ||||
| CVE-2015-1196 | 3 Gnu, Opensuse, Oracle | 3 Patch, Opensuse, Solaris | 2025-04-12 | N/A |
| GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file. | ||||
| CVE-2016-7162 | 2 Canonical, File Roller Project | 2 Ubuntu Linux, File Roller | 2025-04-12 | 7.5 High |
| The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive. | ||||
| CVE-2015-2862 | 1 Kaseya | 1 Virtual System Administrator | 2025-04-12 | N/A |
| Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote authenticated users to read arbitrary files via a crafted HTTP request. | ||||
| CVE-2015-5531 | 1 Elasticsearch | 1 Elasticsearch | 2025-04-12 | N/A |
| Directory traversal vulnerability in Elasticsearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls. | ||||
| CVE-2016-10106 | 1 Netgear | 8 Fvs318gv2, Fvs318gv2 Firmware, Fvs318n and 5 more | 2025-04-12 | N/A |
| Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, and SRX5308 devices with firmware before 4.3.3-8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the thispage parameter, as demonstrated by reading the /etc/shadow file. | ||||
| CVE-2015-8358 | 1 Bitrix | 1 Mpbuilder | 2025-04-12 | N/A |
| Directory traversal vulnerability in the bitrix.mpbuilder module before 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the element name of the "work" array parameter to admin/bitrix.mpbuilder_step2.php. | ||||
| CVE-2015-0171 | 1 Ibm | 1 Security Siteprotector System | 2025-04-12 | N/A |
| Directory traversal vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to write to arbitrary files via unspecified vectors. | ||||
| CVE-2015-6833 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2025-04-12 | N/A |
| Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call. | ||||
| CVE-2014-0598 | 1 Novell | 1 Open Enterprise Server | 2025-04-12 | N/A |
| Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors. | ||||
| CVE-2015-1550 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2025-04-12 | N/A |
| Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote administrators to execute arbitrary files via unspecified vectors. | ||||
| CVE-2015-2775 | 4 Canonical, Debian, Gnu and 1 more | 4 Ubuntu Linux, Debian Linux, Mailman and 1 more | 2025-04-12 | N/A |
| Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name. | ||||
| CVE-2014-3625 | 3 Pivotal Software, Redhat, Vmware | 7 Spring Framework, Jboss Amq, Jboss Bpms and 4 more | 2025-04-12 | N/A |
| Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling. | ||||
| CVE-2015-1807 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2025-04-12 | N/A |
| Directory traversal vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with certain permissions to read arbitrary files via a symlink, related to building artifacts. | ||||