• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2019-10242

February 26, 2023 by

In Eclipse Kura versions up to 4.0.0, the SkinServlet did not checked the path passed during servlet call, potentially allowing path traversal in get requests for a limited number of file types.

CVE-2019-10257

February 26, 2023 by

Zucchetti HR Portal through 2019-03-15 allows Directory Traversal. Unauthenticated users can escape outside of the restricted location (dot-dot-slash notation) to access files or directories that are elsewhere on the system. Through this vulnerability it is possible to read the application’s java sources from /WEB-INF/classes/*.class

CVE-2019-10265

February 26, 2023 by

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. On the /cbs/system/ShowAdvanced.do “File Explorer” screen, it is possible to change the directory in the JavaScript code. If changed to (for example) “C:” then one can browse the whole server.

CVE-2019-10218

February 26, 2023 by

A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user.

CVE-2019-10220

February 26, 2023 by

Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.

CVE-2019-10182

February 26, 2023 by

It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to upload arbitrary files to arbitrary locations in the context of the user.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 316
  • Go to page 317
  • Go to page 318
  • Go to page 319
  • Go to page 320
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE