Total
7458 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-10257 | 1 Zucchetti | 1 Hr Portal | 2024-11-21 | N/A |
| Zucchetti HR Portal through 2019-03-15 allows Directory Traversal. Unauthenticated users can escape outside of the restricted location (dot-dot-slash notation) to access files or directories that are elsewhere on the system. Through this vulnerability it is possible to read the application's java sources from /WEB-INF/classes/*.class | ||||
| CVE-2019-10242 | 1 Eclipse | 1 Kura | 2024-11-21 | N/A |
| In Eclipse Kura versions up to 4.0.0, the SkinServlet did not checked the path passed during servlet call, potentially allowing path traversal in get requests for a limited number of file types. | ||||
| CVE-2019-10220 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 8.8 High |
| Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. | ||||
| CVE-2019-10218 | 3 Fedoraproject, Redhat, Samba | 4 Fedora, Enterprise Linux, Storage and 1 more | 2024-11-21 | 6.5 Medium |
| A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user. | ||||
| CVE-2019-10197 | 4 Canonical, Debian, Redhat and 1 more | 5 Ubuntu Linux, Debian Linux, Enterprise Linux and 2 more | 2024-11-21 | N/A |
| A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share. | ||||
| CVE-2019-10185 | 4 Debian, Icedtea-web Project, Opensuse and 1 more | 4 Debian Linux, Icedtea-web, Leap and 1 more | 2024-11-21 | 8.6 High |
| It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox. | ||||
| CVE-2019-10182 | 2 Icedtea-web Project, Redhat | 7 Icedtea-web, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2024-11-21 | N/A |
| It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to upload arbitrary files to arbitrary locations in the context of the user. | ||||
| CVE-2019-10168 | 1 Redhat | 10 Advanced Virtualization, Enterprise Linux, Enterprise Linux Desktop and 7 more | 2024-11-21 | 7.8 High |
| The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. | ||||
| CVE-2019-10167 | 1 Redhat | 10 Advanced Virtualization, Enterprise Linux, Enterprise Linux Desktop and 7 more | 2024-11-21 | 7.8 High |
| The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. | ||||
| CVE-2019-10161 | 2 Canonical, Redhat | 6 Ubuntu Linux, Advanced Virtualization, Enterprise Linux and 3 more | 2024-11-21 | 7.8 High |
| It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs. | ||||
| CVE-2019-10152 | 3 Libpod Project, Opensuse, Redhat | 3 Libpod, Leap, Rhel Extras Other | 2024-11-21 | 7.2 High |
| A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container. | ||||
| CVE-2019-10137 | 1 Redhat | 3 Network Proxy, Satellite, Spacewalk | 2024-11-21 | N/A |
| A path traversal flaw was found in spacewalk-proxy, all versions through 2.9, in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the existence of arbitrary files, if they have access to the proxy's filesystem, or can execute arbitrary code in the context of the httpd process. | ||||
| CVE-2019-10038 | 1 Evernote | 1 Evernote | 2024-11-21 | N/A |
| Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file. | ||||
| CVE-2019-10009 | 1 Southrivertech | 1 Titan Ftp Server | 2024-11-21 | N/A |
| A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory. | ||||
| CVE-2019-1020001 | 1 Yardoc | 1 Yard | 2024-11-21 | 8.8 High |
| yard before 0.9.20 allows path traversal. | ||||
| CVE-2019-1010257 | 1 Article2pdf Project | 1 Article2pdf | 2024-11-21 | 9.1 Critical |
| An Information Disclosure / Data Modification issue exists in article2pdf_getfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. A URL can be constructed which allows overriding the PDF file's path leading to any PDF whose path is known and which is readable to the web server can be downloaded. The file will be deleted after download if the web server has permission to do so. For PHP versions before 5.3, any file can be read by null terminating the string left of the file extension. | ||||
| CVE-2019-1010205 | 1 Linagora | 1 Hublin | 2024-11-21 | N/A |
| LINAGORA hublin latest (commit 72ead897082403126bf8df9264e70f0a9de247ff) is affected by: Directory Traversal. The impact is: The vulnerability allows an attacker to access any file (with a fixed extension) on the server. The component is: A web-view renderer; details here: https://lgtm.com/projects/g/linagora/hublin/snapshot/af9f1ce253b4ee923ff8da8f9d908d02a8e95b7f/files/backend/webserver/views.js?sort=name&dir=ASC&mode=heatmap&showExcluded=false#xb24eb0101d2aec21:1. The attack vector is: Attacker sends a specially crafted HTTP request. | ||||
| CVE-2019-1010151 | 1 Zzcms | 1 Zzmcms | 2024-11-21 | N/A |
| zzcms zzmcms 8.3 and earlier is affected by: File Delete to getshell. The impact is: getshell. The component is: /user/ppsave.php. | ||||
| CVE-2019-1000009 | 1 Helm | 1 Chartmuseum | 2024-11-21 | N/A |
| Helm ChartMuseum version >=0.1.0 and < 0.8.1 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in HTTP API to save charts that can result in a specially crafted chart could be uploaded and saved outside the intended location. This attack appears to be exploitable via A POST request to the HTTP API can save a chart archive outside of the intended directory. If authentication is, optionally, enabled this requires an authorized user to do so. This vulnerability appears to have been fixed in 0.8.1. | ||||
| CVE-2019-1000008 | 1 Helm | 1 Helm | 2024-11-21 | N/A |
| All versions of Helm between Helm >=2.0.0 and < 2.12.2 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The commands `helm fetch --untar` and `helm lint some.tgz` that can result when chart archive files are unpacked a file may be unpacked outside of the target directory. This attack appears to be exploitable via a victim must run a helm command on a specially crafted chart archive. This vulnerability appears to have been fixed in 2.12.2. | ||||