• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2022-25249

February 23, 2023 by godfreyd94

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) (disregarding Axeda agent v6.9.2 and v6.9.3) is vulnerable to directory traversal, which could allow a remote unauthenticated attacker to obtain file system read access via web server..

CVE-2022-25266

February 23, 2023 by godfreyd94

Passwork On-Premise Edition before 4.6.13 allows migration/downloadExportFile Directory Traversal (to read files).

CVE-2022-25267

February 23, 2023 by godfreyd94

Passwork On-Premise Edition before 4.6.13 allows migration/uploadExportFile Directory Traversal (to upload files).

CVE-2022-25178

February 23, 2023 by godfreyd94

Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the libraryResource step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system.

CVE-2022-25188

February 23, 2023 by godfreyd94

Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker.

CVE-2022-25046

February 23, 2023 by godfreyd94

A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 486
  • Go to page 487
  • Go to page 488
  • Go to page 489
  • Go to page 490
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE