Total
6541 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38312 | 1 Valvesoftware | 1 Counter-strike | 2024-11-21 | N/A | 7.5 HIGH |
| A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client (with remote control access to a game server) to read arbitrary files from the underlying server via the motdfile console variable. | |||||
| CVE-2023-38256 | 1 Doverfuelingsolutions | 2 Maglink Lx 3, Maglink Lx Web Console Configuration | 2024-11-21 | N/A | 6.8 MEDIUM |
| Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 vulnerable to a path traversal attack, which could allow an attacker to access files stored on the system. | |||||
| CVE-2023-38176 | 1 Microsoft | 1 Azure Arc-enabled Servers | 2024-11-21 | N/A | 7.0 HIGH |
| Azure Arc-Enabled Servers Elevation of Privilege Vulnerability | |||||
| CVE-2023-38126 | 1 Softing | 1 Edgeaggregator | 2024-11-21 | N/A | 7.2 HIGH |
| Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of backup zip files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this to execute code in the context of root. Was ZDI-CAN-20543. | |||||
| CVE-2023-38019 | 1 Ibm | 1 Soar Qradar Plugin App | 2024-11-21 | N/A | 8.1 HIGH |
| IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 260575. | |||||
| CVE-2023-37960 | 1 Jenkins | 1 Mathworks Polyspace | 2024-11-21 | N/A | 6.5 MEDIUM |
| Jenkins MathWorks Polyspace Plugin 1.0.5 and earlier allows attackers with Item/Configure permission to send emails with arbitrary files from the Jenkins controller file systems. | |||||
| CVE-2023-37932 | 1 Fortinet | 1 Fortivoice | 2024-11-21 | N/A | 6.5 MEDIUM |
| An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in FortiVoiceEntreprise version 7.0.0 and before 6.4.7 allows an authenticated attacker to read arbitrary files from the system via sending crafted HTTP or HTTPS requests | |||||
| CVE-2023-37913 | 1 Xwiki | 1 Xwiki | 2024-11-21 | N/A | 9.9 CRITICAL |
| XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 3.5-milestone-1 and prior to versions 14.10.8 and 15.3-rc-1, triggering the office converter with a specially crafted file name allows writing the attachment's content to an attacker-controlled location on the server as long as the Java process has write access to that location. In particular in the combination with attachment moving, a feature introduced in XWiki 14.0, this is easy to reproduce but it also possible to reproduce in versions as old as XWiki 3.5 by uploading the attachment through the REST API which doesn't remove `/` or `\` from the filename. As the mime type of the attachment doesn't matter for the exploitation, this could e.g., be used to replace the `jar`-file of an extension which would allow executing arbitrary Java code and thus impact the confidentiality, integrity and availability of the XWiki installation. This vulnerability has been patched in XWiki 14.10.8 and 15.3RC1. There are no known workarounds apart from disabling the office converter. | |||||
| CVE-2023-37896 | 1 Projectdiscovery | 1 Nuclei | 2024-11-21 | N/A | 7.5 HIGH |
| Nuclei is a vulnerability scanner. Prior to version 2.9.9, a security issue in the Nuclei project affected users utilizing Nuclei as Go code (SDK) running custom templates. This issue did not affect CLI users. The problem was related to sanitization issues with payload loading in sandbox mode. There was a potential risk with payloads loading in sandbox mode. The issue occurred due to relative paths not being converted to absolute paths before doing the check for `sandbox` flag allowing arbitrary files to be read on the filesystem in certain cases when using Nuclei from `Go` SDK implementation. This issue has been fixed in version 2.9.9. The maintainers have also enabled sandbox by default for filesystem loading. This can be optionally disabled if required. The `-sandbox` option has been deprecated and is now divided into two new options: `-lfa` (allow local file access) which is enabled by default and `-lna` (restrict local network access) which can be enabled by users optionally. The `-lfa` allows file (payload) access anywhere on the system (disabling sandbox effectively), and `-lna` blocks connections to the local/private network. | |||||
| CVE-2023-37888 | 2024-11-21 | N/A | 7.6 HIGH | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in By Averta Shortcodes and extra features for Phlox theme allows PHP Local File Inclusion.This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.14.0. | |||||
| CVE-2023-37781 | 1 Emqx | 1 Emqx | 2024-11-21 | N/A | 6.5 MEDIUM |
| An issue in the emqx_sn plugin of EMQX v4.3.8 allows attackers to execute a directory traversal via uploading a crafted .txt file. | |||||
| CVE-2023-37739 | 1 I-doit | 1 I-doit | 2024-11-21 | N/A | 6.5 MEDIUM |
| i-doit Pro v25 and below was discovered to be vulnerable to path traversal. | |||||
| CVE-2023-37646 | 1 Bitberry | 1 File Opener | 2024-11-21 | N/A | 7.8 HIGH |
| An issue in the CAB file extraction function of Bitberry File Opener v23.0 allows attackers to execute a directory traversal. | |||||
| CVE-2023-37607 | 1 Automaticsystems | 2 Soc Fl9600 Firstlane, Soc Fl9600 Firstlane Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Directory Traversal in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information via csvServer.php?file= with a .. in the dir parameter. | |||||
| CVE-2023-37601 | 1 Mobisystems | 1 Office Suite | 2024-11-21 | N/A | 7.5 HIGH |
| Office Suite Premium v10.9.1.42602 was discovered to contain a local file inclusion (LFI) vulnerability via the component /etc/hosts. | |||||
| CVE-2023-37532 | 1 Hcltech | 1 Commerce | 2024-11-21 | N/A | 5.8 MEDIUM |
| HCL Commerce Remote Store server could allow a remote attacker, using a specially-crafted URL, to read arbitrary files on the system. | |||||
| CVE-2023-37476 | 1 Openrefine | 1 Openrefine | 2024-11-21 | N/A | 5.5 MEDIUM |
| OpenRefine is a free, open source tool for data processing. A carefully crafted malicious OpenRefine project tar file can be used to trigger arbitrary code execution in the context of the OpenRefine process if a user can be convinced to import it. The vulnerability exists in all versions of OpenRefine up to and including 3.7.3. Users should update to OpenRefine 3.7.4 as soon as possible. Users unable to upgrade should only import OpenRefine projects from trusted sources. | |||||
| CVE-2023-37474 | 1 Copyparty Project | 1 Copyparty | 2024-11-21 | N/A | 7.5 HIGH |
| Copyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traversal vulnerability detected in the `.cpr` subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root directory. This issue has been addressed in commit `043e3c7d` which has been included in release 1.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-37461 | 1 Metersphere | 1 Metersphere | 2024-11-21 | N/A | 5.6 MEDIUM |
| Metersphere is an opensource testing framework. Files uploaded to Metersphere may define a `belongType` value with a relative path like `../../../../` which may cause metersphere to attempt to overwrite an existing file in the defined location or to create a new file. Attackers would be limited to overwriting files that the metersphere process has access to. This issue has been addressed in version 2.10.3. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-37460 | 1 Codehaus-plexus | 1 Plexus-archiver | 2024-11-21 | N/A | 8.1 HIGH |
| Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly remote code execution. When extracting an archive with an entry that already exists in the destination directory as a symbolic link whose target does not exist - the `resolveFile()` function will return the symlink's source instead of its target, which will pass the verification that ensures the file will not be extracted outside of the destination directory. Later `Files.newOutputStream()`, that follows symlinks by default, will actually write the entry's content to the symlink's target. Whoever uses plexus archiver to extract an untrusted archive is vulnerable to an arbitrary file creation and possibly remote code execution. Version 4.8.0 contains a patch for this issue. | |||||