• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2018-3787

February 26, 2023 by

Path traversal in simplehttpserver <v0.2.1 allows listing any file on the server.

CVE-2018-3822

February 26, 2023 by

X-Pack Security versions 6.2.0, 6.2.1, and 6.2.2 are vulnerable to a user impersonation attack via incorrect XML canonicalization and DOM traversal. An attacker might have been able to impersonate a legitimate user if the SAML Identity Provider allows for self registration with arbitrary identifiers and the attacker can register an account which an identifier that shares a suffix with a legitimate account. Both of those conditions must be true in order to exploit this flaw.

CVE-2018-3744

February 26, 2023 by

The html-pages node module contains a path traversal vulnerabilities that allows an attacker to read any file from the server with cURL.

CVE-2018-3766

February 26, 2023 by

Path traversal in buttle module versions <= 0.2.0 allows to read any file in the server.

CVE-2018-3770

February 26, 2023 by

A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the local files.

CVE-2018-3712

February 26, 2023 by

serve node module before 6.4.9 suffers from a Path Traversal vulnerability due to not handling %2e (.) and %2f (/) and allowing them in paths, which allows a malicious user to view the contents of any directory with known path.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 117
  • Go to page 118
  • Go to page 119
  • Go to page 120
  • Go to page 121
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE