Total
7067 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-17387 | 1 Marvell | 1 Qconvergeconsole | 2024-11-21 | 8.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the writeObjectToConfigFile method of the GWTTestServiceImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10565. | ||||
| CVE-2020-17385 | 1 Cellopoint | 1 Cellos | 2024-11-21 | 7.5 High |
| Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system. | ||||
| CVE-2020-17383 | 1 Telosalliance | 2 Z\/ip One, Z\/ip One Firmware | 2024-11-21 | 9.8 Critical |
| A directory traversal vulnerability on Telos Z/IP One devices through 4.0.0r grants an unauthenticated individual root level access to the device's file system. This can be used to identify configuration settings, password hashes for built-in accounts, and the cleartext password for remote configuration of the device through the WebUI. | ||||
| CVE-2020-16245 | 1 Advantech | 1 Iview | 2024-11-21 | 9.8 Critical |
| Advantech iView, Versions 5.7 and prior. The affected product is vulnerable to path traversal vulnerabilities that could allow an attacker to create/download arbitrary files, limit system availability, and remotely execute code. | ||||
| CVE-2020-16136 | 1 Tgstation13 | 1 Tgstation-server | 2024-11-21 | 7.7 High |
| In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any file on the server machine (accessible by the owner of the server process) via directory traversal ../ sequences in /Administration/Logs/ requests. The attacker is unable to enumerate files, however. | ||||
| CVE-2020-16116 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 3.3 Low |
| In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal. | ||||
| CVE-2020-15941 | 1 Fortinet | 1 Forticlient Endpoint Management Server | 2024-11-21 | 5.4 Medium |
| A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4.1 and below; 6.2.8 and below may allow an authenticated attacker to inject directory traversal character sequences to add/delete the files of the server via the name parameter of Deployment Packages. | ||||
| CVE-2020-15929 | 1 Ortussolutions | 1 Testbox | 2024-11-21 | 9.8 Critical |
| In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system/runners/HTMLRunner.cfm allow an attacker to write an arbitrary CFM file (within the application's context) containing attacker-defined CFML tags, leading to Remote Code Execution. | ||||
| CVE-2020-15928 | 1 Ortussolutions | 1 Testbox | 2024-11-21 | 5.3 Medium |
| In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters to test-browser/index.cfm allow directory traversal. | ||||
| CVE-2020-15923 | 1 Midasolutions | 1 Eframework | 2024-11-21 | 7.5 High |
| Mida eFramework through 2.9.0 allows unauthenticated ../ directory traversal. | ||||
| CVE-2020-15908 | 1 Cauldrondevelopment | 1 C\! | 2024-11-21 | 7.5 High |
| tar/TarFileReader.cpp in Cauldron cbang (aka C-Bang or C!) before 1.6.0 allows Directory Traversal during extraction from a TAR archive. | ||||
| CVE-2020-15809 | 1 Spinetix | 11 Diva, Diva Firmware, Dsos and 8 more | 2024-11-21 | 6.5 Medium |
| spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and DSOS through 4.5.2-1.0.2-1eb2ffbd. | ||||
| CVE-2020-15779 | 1 Socket.io-file Project | 1 Socket.io-file | 2024-11-21 | 7.5 High |
| A Path Traversal issue was discovered in the socket.io-file package through 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path. | ||||
| CVE-2020-15712 | 1 Rconfig | 1 Rconfig | 2024-11-21 | 4.3 Medium |
| rConfig 3.9.5 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a crafted request to the ajaxGetFileByPath.php script containing hexadecimal encoded "dot dot" sequences (%2f..%2f) in the path parameter to view arbitrary files on the system. | ||||
| CVE-2020-15703 | 1 Aptdaemon Project | 1 Aptdaemon | 2024-11-21 | 4 Medium |
| There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an unprivileged user can check for the existence of any files on the system as root. | ||||
| CVE-2020-15644 | 1 Marvell | 1 Qconvergeconsole | 2024-11-21 | 8.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the setAppFileBytes method of the GWTTestServiceImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10550. | ||||
| CVE-2020-15643 | 1 Marvell | 1 Qconvergeconsole | 2024-11-21 | 8.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the saveAsText method of the GWTTestServiceImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10549. | ||||
| CVE-2020-15641 | 1 Marvell | 1 Qconvergeconsole | 2024-11-21 | 7.5 High |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole 5.5.0.64. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getFileUploadBytes method of the FlashValidatorServiceImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-10499. | ||||
| CVE-2020-15640 | 1 Marvell | 1 Qconvergeconsole | 2024-11-21 | 7.5 High |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole 5.5.0.64. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getFileUploadBytes method of the FlashValidatorServiceImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-10497. | ||||
| CVE-2020-15639 | 1 Marvell | 1 Qconvergeconsole | 2024-11-21 | 9.8 Critical |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Authentication is not required to exploit this vulnerability. The specific flaw exists within the decryptFile method of the FlashValidatorServiceImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10496. | ||||