• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2021-24035

February 23, 2023 by

A lack of filename validation when unzipping archives prior to WhatsApp for Android v2.21.8.13 and WhatsApp Business for Android v2.21.8.13 could have allowed path traversal attacks that overwrite WhatsApp files.

CVE-2021-24010

February 23, 2023 by

Improper limitation of a pathname to a restricted directory vulnerabilities in FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated user to obtain unauthorized access to files and data via specifially crafted web requests.

CVE-2021-24013

February 23, 2023 by

Multiple Path traversal vulnerabilities in the Webmail of FortiMail before 6.4.4 may allow a regular user to obtain unauthorized access to files and data via specifically crafted web requests.

CVE-2021-23797

February 23, 2023 by

All versions of package http-server-node are vulnerable to Directory Traversal via use of –path-as-is.

CVE-2021-23514

February 23, 2023 by

This affects the package Crow before 0.3+4. It is possible to traverse directories to fetch arbitrary files from the server.

CVE-2021-23520

February 23, 2023 by

The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) via the ZipFile::uncompressEntry function in juce_ZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo() on a ZipFile object.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 390
  • Go to page 391
  • Go to page 392
  • Go to page 393
  • Go to page 394
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE