• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2021-29134

February 23, 2023 by

The avatar middleware in Gitea before 1.13.6 allows Directory Traversal via a crafted URL.

CVE-2021-29157

February 23, 2023 by

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.

CVE-2021-29087

February 23, 2023 by

Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to write arbitrary files via unspecified vectors.

CVE-2021-29088

February 23, 2023 by

Improper limitation of a pathname to a restricted directory (‘Path Traversal’) in cgi component in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows local users to execute arbitrary code via unspecified vectors.

CVE-2021-29091

February 23, 2023 by

Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in file management component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to write arbitrary files via unspecified vectors.

CVE-2021-29100

February 23, 2023 by

A path traversal vulnerability exists in Esri ArcGIS Earth versions 1.11.0 and below which allows arbitrary file creation on an affected system through crafted input. An attacker could exploit this vulnerability to gain arbitrary code execution under security context of the user running ArcGIS Earth by inducing the user to upload a crafted file to an affected system.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 376
  • Go to page 377
  • Go to page 378
  • Go to page 379
  • Go to page 380
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE