Total
8465 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-16936 | 1 Tenda | 6 Ac15, Ac15 Firmware, Ac18 and 3 more | 2025-04-20 | N/A |
| Directory Traversal vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to read arbitrary files via a cgi-bin/luci/request?op=1&path= URI that uses directory traversal sequences after a /usb/ substring. | ||||
| CVE-2017-15309 | 1 Huawei | 1 Ireader | 2025-04-20 | N/A |
| Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. An attacker can exploit this vulnerability to store downloaded malicious files in an arbitrary directory. | ||||
| CVE-2017-3851 | 1 Cisco | 1 Iox | 2025-04-20 | N/A |
| A Directory Traversal vulnerability in the web framework code of the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an unauthenticated, remote attacker to read any file from the CAF in the virtual instance running on the affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting crafted requests to the CAF web interface. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. Cisco IOx Releases 1.0.0.0 and 1.1.0.0 are vulnerable. Cisco Bug IDs: CSCuy52302. | ||||
| CVE-2017-14695 | 1 Saltstack | 1 Salt | 2025-04-20 | N/A |
| Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12791. | ||||
| CVE-2017-12263 | 1 Cisco | 1 License Manager | 2025-04-20 | N/A |
| A vulnerability in the web interface of Cisco License Manager software could allow an unauthenticated, remote attacker to download and view files within the application that should be restricted, aka Directory Traversal. The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location. An exploit could allow the attacker to view application files that may contain sensitive information. Cisco Bug IDs: CSCvd83577. | ||||
| CVE-2017-13996 | 1 Loytec | 2 Lvis-3me, Lvis-3me Firmware | 2025-04-20 | N/A |
| A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non administrative users should not have access to, which could allow an attacker to create or modify files or execute arbitrary code. | ||||
| CVE-2017-14196 | 1 Squiz | 1 Matrix | 2025-04-20 | N/A |
| An issue was discovered in Squiz Matrix from 5.3 through to 5.3.6.1 and 5.4.1.3. An information disclosure caused by a Path Traversal issue in the 'File Bridge' plugin allowed the existence of files outside of the bridged path to be confirmed. | ||||
| CVE-2017-14754 | 1 Opentext | 1 Document Sciences Xpression | 2025-04-20 | N/A |
| OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to Arbitrary File Read: /xAdmin/html/cm_datasource_group_xsd.jsp, parameter: xsd_datasource_schema_file filename. In order for this vulnerability to be exploited, an attacker must authenticate to the application first. | ||||
| CVE-2016-4987 | 1 Jenkins | 1 Image Gallery | 2025-04-20 | 6.5 Medium |
| Directory traversal vulnerability in the Image Gallery plugin before 1.4 in Jenkins allows remote attackers to list arbitrary directories and read arbitrary files via unspecified form fields. | ||||
| CVE-2017-17042 | 1 Yardoc | 1 Yard | 2025-04-20 | N/A |
| lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files. | ||||
| CVE-2017-16959 | 1 Tp-link | 108 Tl-er3210g, Tl-er3210g Firmware, Tl-er3220g and 105 more | 2025-04-20 | N/A |
| The locale feature in cgi-bin/luci on TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allows remote authenticated users to test for the existence of arbitrary files by making an operation=write;locale=%0d request, and then making an operation=read request with a crafted Accept-Language HTTP header, related to the set_sysinfo and get_sysinfo functions in /usr/lib/lua/luci/controller/locale.lua in uhttpd. | ||||
| CVE-2017-12188 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2025-04-20 | 7.8 High |
| arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash), aka an "MMU potential stack buffer overrun." | ||||
| CVE-2017-1087 | 1 Freebsd | 1 Freebsd | 2025-04-20 | N/A |
| In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user that has access to a jailed system is able to abuse shared memory by injecting malicious content in the shared memory region. This memory region might be executed by applications trusting the shared memory, like Squid. This issue could lead to a Denial of Service or local privilege escalation. | ||||
| CVE-2017-10940 | 1 Joyent | 1 Triton Datacenter | 2025-04-20 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the docker API. The process does not properly validate user-supplied data which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute arbitrary code under the context of root. Was ZDI-CAN-3853. | ||||
| CVE-2017-11511 | 1 Manageengine | 1 Servicedesk | 2025-04-20 | N/A |
| The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the filepath parameter for the download-file URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files. | ||||
| CVE-2017-11587 | 1 Cisco | 2 Residential Gateway, Residential Gateway Firmware | 2025-04-20 | N/A |
| On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00.00.03.45.4E and DDR2201v1 ADSL2+ Residential Gateway DDR2201v1-NA-AnnexA-FCC-V00.00.03.28.3 devices, there is directory traversal in the filename parameter to the /download.conf URI. | ||||
| CVE-2017-2706 | 1 Huawei | 2 Mate 9, Mate 9 Firmware | 2025-04-20 | N/A |
| Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Since the system does not verify the file name during decompression, system directories are traversed. It could be exploited to cause the attacker to replace files and impact the service. | ||||
| CVE-2017-8314 | 2 Debian, Kodi | 2 Debian Linux, Kodi | 2025-04-20 | N/A |
| Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles. | ||||
| CVE-2017-2258 | 1 Cybozu | 1 Garoon | 2025-04-20 | N/A |
| Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allows an attacker to read arbitrary files via Garoon SOAP API "WorkflowHandleApplications". | ||||
| CVE-2017-2240 | 2 Apple, Hammock | 2 Mac Os X, Assetview | 2025-04-20 | N/A |
| Directory traversal vulnerability in AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to read arbitrary files via "File Transfer Web Service". | ||||