• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2022-34177

February 23, 2023 by godfreyd94

Jenkins Pipeline: Input Step Plugin 448.v37cea_9a_10a_70 and earlier archives files uploaded for `file` parameters for Pipeline `input` steps on the controller as part of build metadata, using the parameter name without sanitization as a relative path inside a build-related directory, allowing attackers able to configure Pipelines to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.

CVE-2022-34179

February 23, 2023 by godfreyd94

Jenkins Embeddable Build Status Plugin 2.0.3 and earlier allows specifying a `style` query parameter that is used to choose a different SVG image style without restricting possible values, resulting in a relative path traversal vulnerability that allows attackers without Overall/Read permission to specify paths to other SVG images on the Jenkins controller file system.

CVE-2022-34002

February 23, 2023 by godfreyd94

The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application.

CVE-2022-34026

February 23, 2023 by godfreyd94

ICEcoder v8.1 allows attackers to execute a directory traversal.

CVE-2022-33937

February 23, 2023 by godfreyd94

Dell GeoDrive, Versions 1.0 – 2.2, contain a Path Traversal Vulnerability in the reporting function. A local, low privileged attacker could potentially exploit this vulnerability, to gain unauthorized delete access to the files stored on the server filesystem, with the privileges of the GeoDrive service: NT AUTHORITYSYSTEM.

CVE-2022-33995

February 23, 2023 by godfreyd94

A path traversal issue in entry attachments in Devolutions Remote Desktop Manager before 2022.2 allows attackers to create or overwrite files in an arbitrary location.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 446
  • Go to page 447
  • Go to page 448
  • Go to page 449
  • Go to page 450
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE