Total
319 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0008 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A | 4.4 MEDIUM |
| A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition. | |||||
| CVE-2022-43513 | 1 Siemens | 1 Automation License Manager | 2024-11-21 | N/A | 8.2 HIGH |
| A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6 (All versions < V6.0 SP9 Upd4), TeleControl Server Basic V3 (All versions < V3.1.2). The affected components allow to rename license files with user chosen input without authentication. This could allow an unauthenticated remote attacker to rename and move files as SYSTEM user. | |||||
| CVE-2022-39952 | 1 Fortinet | 1 Fortinac | 2024-11-21 | N/A | 9.8 CRITICAL |
| A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request. | |||||
| CVE-2022-34765 | 1 Schneider-electric | 4 Opc Ua Module For M580, Opc Ua Module For M580 Firmware, X80 Advanced Rtu Module and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior) | |||||
| CVE-2022-34669 | 2 Microsoft, Nvidia | 3 Windows, Cloud Gaming, Virtual Gpu | 2024-11-21 | N/A | 8.8 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can access or modify system files or other files that are critical to the application, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | |||||
| CVE-2022-32761 | 1 Wwbn | 1 Avideo | 2024-11-21 | N/A | 6.5 MEDIUM |
| An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2022-2638 | 1 Atlasgondal | 1 Export All Urls | 2024-11-21 | N/A | 6.5 MEDIUM |
| The Export All URLs WordPress plugin before 4.4 does not validate the path of the file to be removed on the system which is supposed to be the CSV file. This could allow high privilege users to delete arbitrary file from the server | |||||
| CVE-2022-2400 | 1 Dompdf Project | 1 Dompdf | 2024-11-21 | N/A | 5.3 MEDIUM |
| External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0. | |||||
| CVE-2022-28710 | 1 Wwbn | 1 Avideo | 2024-11-21 | N/A | 6.5 MEDIUM |
| An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2022-24900 | 1 Piano Led Visualizer Project | 1 Piano Led Visualizer | 2024-11-21 | 5.0 MEDIUM | 9.9 CRITICAL |
| Piano LED Visualizer is software that allows LED lights to light up as a person plays a piano connected to a computer. Version 1.3 and prior are vulnerable to a path traversal attack. The `os.path.join` call is unsafe for use with untrusted input. When the `os.path.join` call encounters an absolute path, it ignores all the parameters it has encountered till that point and starts working with the new absolute path. Since the "malicious" parameter represents an absolute path, the result of `os.path.join` ignores the static directory completely. Hence, untrusted input is passed via the `os.path.join` call to `flask.send_file` can lead to path traversal attacks. A patch with a fix is available on the `master` branch of the GitHub repository. This can also be fixed by preventing flow of untrusted data to the vulnerable `send_file` function. In case the application logic necessiates this behaviour, one can either use the `flask.safe_join` to join untrusted paths or replace `flask.send_file` calls with `flask.send_from_directory` calls. | |||||
| CVE-2022-23536 | 1 Linuxfoundation | 1 Cortex | 2024-11-21 | N/A | 6.5 MEDIUM |
| Cortex provides multi-tenant, long term storage for Prometheus. A local file inclusion vulnerability exists in Cortex versions 1.13.0, 1.13.1 and 1.14.0, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted to the Alertmanager Set Configuration API. Only users of the Alertmanager service where `-experimental.alertmanager.enable-api` or `enable_api: true` is configured are affected. Affected Cortex users are advised to upgrade to patched versions 1.13.2 or 1.14.1. However as a workaround, Cortex administrators may reject Alertmanager configurations containing the `api_key_file` setting in the `opsgenie_configs` section before sending to the Set Alertmanager Configuration API. | |||||
| CVE-2022-20789 | 1 Cisco | 1 Unified Communications Manager | 2024-11-21 | 8.5 HIGH | 4.9 MEDIUM |
| A vulnerability in the software upgrade process of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to write arbitrary files on the affected system. This vulnerability is due to improper restrictions applied to a system script. An attacker could exploit this vulnerability by using crafted variables during the execution of a system upgrade. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges. | |||||
| CVE-2022-0593 | 1 Idehweb | 1 Login With Phone Number | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| The Login with phone number WordPress plugin before 1.3.7 includes a file delete.php with no form of authentication or authorization checks placed in the plugin directory, allowing unauthenticated user to remotely delete the plugin files leading to a potential Denial of Service situation. | |||||
| CVE-2022-0246 | 1 Webence | 1 Iq Block Country | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| The settings of the iQ Block Country WordPress plugin before 1.2.13 can be exported or imported using its backup functionality. An authorized user can import preconfigured settings of the plugin by uploading a zip file. After the uploading process, files in the uploaded zip file are extracted one by one. During the extraction process, existence of a file is checked. If the file exists, it is deleted without any security control by only considering the name of the extracted file. This behavior leads to "Zip Slip" vulnerability. | |||||
| CVE-2021-3845 | 1 Ws Scrcpy Project | 1 Ws Scrcpy | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| ws-scrcpy is vulnerable to External Control of File Name or Path | |||||
| CVE-2021-3626 | 2 Canonical, Microsoft | 2 Multipass, Windows | 2024-11-21 | 4.6 MEDIUM | 8.8 HIGH |
| The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege escalation. | |||||
| CVE-2021-38477 | 1 Auvesy | 1 Versiondog | 2024-11-21 | 6.4 MEDIUM | 9.8 CRITICAL |
| There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files. | |||||
| CVE-2021-34761 | 1 Cisco | 3 Firepower Management Center Virtual Appliance, Firepower Threat Defense, Sourcefire Defense Center | 2024-11-21 | 6.6 MEDIUM | 4.4 MEDIUM |
| A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges. | |||||
| CVE-2021-27250 | 1 Dlink | 2 Dap-2020, Dap-2020 Firmware | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the errorpage request parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-11856. | |||||
| CVE-2021-24966 | 1 Bestwebsoft | 1 Error Log Viewer | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder | |||||