Total
6555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1000997 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A path traversal vulnerability exists in the Stapler web framework used by Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/org/kohsuke/stapler/Facet.java, groovy/src/main/java/org/kohsuke/stapler/jelly/groovy/GroovyFacet.java, jelly/src/main/java/org/kohsuke/stapler/jelly/JellyFacet.java, jruby/src/main/java/org/kohsuke/stapler/jelly/jruby/JRubyFacet.java, jsp/src/main/java/org/kohsuke/stapler/jsp/JSPFacet.java that allows attackers to render routable objects using any view in Jenkins, exposing internal information about those objects not intended to be viewed, such as their toString() representation. | |||||
| CVE-2018-1000882 | 1 Webidsupport | 1 Webid | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. This attack appear to be exploitable via HTTP GET Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f. | |||||
| CVE-2018-1000863 | 2 Jenkins, Redhat | 2 Jenkins, Openshift Container Platform | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
| A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into Jenkins. | |||||
| CVE-2018-1000857 | 1 Open-systems | 1 Log-user-session | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. This attack appear to be exploitable via Malicious unprivileged user executes the vulnerable binary/(remote) environment variable manipulation similar shell-shock also possible. | |||||
| CVE-2018-1000850 | 1 Squareup | 1 Retrofit | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| Square Retrofit version versions from (including) 2.0 and 2.5.0 (excluding) contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her.. This attack appear to be exploitable via An attacker should have access to an encoded path parameter on POST, PUT or DELETE request.. This vulnerability appears to have been fixed in 2.5.0 and later. | |||||
| CVE-2018-1000817 | 1 Asset Pipeline Project | 1 Asset-pipeline | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to 2.14.1.1, 2.15.1 and 3.0.6 contains a Incorrect Access Control vulnerability in Applications deployed in Jetty that can result in Download .class files and any arbitrary file. This attack appear to be exploitable via Specially crafted GET request containing directory traversal from assets-pipeline context. This vulnerability appears to have been fixed in 2.14.1.1 (for Grails 2.x), 2.15.1 (for Grails 3 and Java 7) and 3.0.6 (for Grails 3 and Java 8). | |||||
| CVE-2018-1000801 | 2 Debian, Kde | 2 Debian Linux, Okular | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1 | |||||
| CVE-2018-1000659 | 1 Limesurvey | 1 Limesurvey | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| LimeSurvey version 3.14.4 and earlier contains a directory traversal in file upload that allows upload of webshell vulnerability in file upload functionality that can result in remote code execution as authenticated user. This attack appear to be exploitable via An authenticated user can upload a specially crafted zip file to get remote code execution. This vulnerability appears to have been fixed in after commit 72a02ebaaf95a80e26127ee7ee2b123cccce05a7 / version 3.14.4. | |||||
| CVE-2018-1000647 | 1 Librehealth | 1 Librehealth Ehr | 2024-11-21 | 5.5 MEDIUM | 7.1 HIGH |
| LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Deletion vulnerability in Import template that can result in Denial of service. This attack appear to be exploitable via User controlled parameter. | |||||
| CVE-2018-1000623 | 1 Jfrog | 1 Artifactory | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| JFrog JFrog Artifactory version Prior to version 6.0.3, since version 4.0.0 contains a Directory Traversal vulnerability in The "Import Repository from Zip" feature, available through the Admin menu -> Import & Export -> Repositories, triggers a vulnerable UI REST endpoint (/ui/artifactimport/upload) that can result in Directory traversal / file overwrite and remote code execution. This attack appear to be exploitable via An attacker with Admin privileges may use the aforementioned UI endpoint and exploit the publicly known "Zip Slip" vulnerability, to add/overwrite files outside the target directory. This vulnerability appears to have been fixed in 6.0.3. | |||||
| CVE-2018-1000550 | 2 Debian, Sympa | 2 Debian Linux, Sympa | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. This attack appear to be exploitable via HTTP GET/POST request. This vulnerability appears to have been fixed in 6.2.32. | |||||
| CVE-2018-1000532 | 1 Beep Project | 1 Beep | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by other users, allowing DoS. This attack appear to be exploitable via The system must allow local users to run beep. | |||||
| CVE-2018-1000406 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A path traversal vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java that allows attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary file write on the Jenkins master when scheduling a build. | |||||
| CVE-2018-1000208 | 1 Modx | 1 Modx Revolution | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. This attack appear to be exploitable via web request via security/login processor. This vulnerability appears to have been fixed in pull 13980. | |||||
| CVE-2018-1000194 | 2 Jenkins, Oracle | 2 Jenkins, Communications Cloud Native Core Automated Test Suite | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| A path traversal vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in FilePath.java, SoloFilePathFilter.java that allows malicious agents to read and write arbitrary files on the Jenkins master, bypassing the agent-to-master security subsystem protection. | |||||
| CVE-2018-1000175 | 1 Jenkins | 1 Html Publisher | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master. | |||||
| CVE-2018-1000161 | 1 Nmap | 1 Nmap | 2024-11-21 | 3.5 LOW | 5.7 MEDIUM |
| nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7. | |||||
| CVE-2018-1000083 | 1 Ajenti | 1 Ajenti | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Ajenti version version 2 contains a Improper Error Handling vulnerability in Login JSON request that can result in The requisition leaks a path of the server. This attack appear to be exploitable via By sending a malformed JSON, the tool responds with a traceback error that leaks a path of the server. | |||||
| CVE-2018-1000079 | 1 Rubygems | 1 Rubygems | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in gem installation that can result in the gem could write to arbitrary filesystem locations during installation. This attack appear to be exploitable via the victim must install a malicious gem. This vulnerability appears to have been fixed in 2.7.6. | |||||
| CVE-2018-0722 | 1 Qnap | 2 Photo Station, Qts | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive information on the device. | |||||