Total
6537 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-41704 | 1 Librechat | 1 Librechat | 2024-11-21 | N/A | 9.8 CRITICAL |
| LibreChat through 0.7.4-rc1 does not validate the normalized pathnames of images. | |||||
| CVE-2024-41695 | 2024-11-21 | N/A | 7.5 HIGH | ||
| Cybonet - CWE-22: Improper Limitation of a Pathname to a Restricted Directory | |||||
| CVE-2024-41628 | 2024-11-21 | N/A | 7.5 HIGH | ||
| Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API. | |||||
| CVE-2024-41373 | 2024-11-21 | N/A | 6.3 MEDIUM | ||
| ICEcoder 8.1 contains a Path Traversal vulnerability via lib/backup-versions-preview-loader.php. | |||||
| CVE-2024-41163 | 1 Veertu | 1 Anka Build Cloud | 2024-11-21 | N/A | 7.5 HIGH |
| A directory traversal vulnerability exists in the archive download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of arbitrary files. An attacker can make an unauthenticated HTTP request to exploit this vulnerability. | |||||
| CVE-2024-40629 | 1 Fit2cloud | 1 Jumpserver | 2024-11-21 | N/A | 10.0 CRITICAL |
| JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write arbitrary files, leading to remote code execution (RCE) in the Celery container. The Celery container runs as root and has database access, allowing an attacker to steal all secrets for hosts, create a new JumpServer account with admin privileges, or manipulate the database in other ways. This issue has been patched in release versions 3.10.12 and 4.0.0. It is recommended to upgrade the safe versions. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-40628 | 1 Fit2cloud | 1 Jumpserver | 2024-11-21 | N/A | 10.0 CRITICAL |
| JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the ansible playbook to read arbitrary files in the celery container, leading to sensitive information disclosure. The Celery container runs as root and has database access, allowing the attacker to steal all secrets for hosts, create a new JumpServer account with admin privileges, or manipulate the database in other ways. This issue has been addressed in release versions 3.10.12 and 4.0.0. It is recommended to upgrade the safe versions. There is no known workarounds for this vulnerability. | |||||
| CVE-2024-40617 | 1 Fujitsu | 2 Network Edgiot Gw1500, Network Edgiot Gw1500 Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a remote authenticated attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result, Administrator Class privileges of the product may be hijacked. | |||||
| CVE-2024-40550 | 1 Publiccms | 1 Publiccms | 2024-11-21 | N/A | 8.8 HIGH |
| An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of Public CMS v.4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | |||||
| CVE-2024-40524 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| Directory Traversal vulnerability in xmind2testcase v.1.5 allows a remote attacker to execute arbitrary code via the webtool\application.py component. | |||||
| CVE-2024-40422 | 1 Stitionai | 1 Devika | 2024-11-21 | N/A | 9.1 CRITICAL |
| The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is susceptible to a path traversal attack. An attacker can manipulate the snapshot_path parameter to traverse directories and access sensitive files on the server. This can potentially lead to unauthorized access to critical system files and compromise the confidentiality and integrity of the system. | |||||
| CVE-2024-40348 | 2024-11-21 | N/A | 8.2 HIGH | ||
| An issue in the component /api/swaggerui/static of Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. | |||||
| CVE-2024-40051 | 1 Ip-guard | 1 Ip-guard | 2024-11-21 | N/A | 7.5 HIGH |
| IP Guard v4.81.0307.0 was discovered to contain an arbitrary file read vulnerability via the file name parameter. | |||||
| CVE-2024-3934 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to Path Traversal in versions 7.3.0 to 7.5.1 via the mercadopagoDownloadLog function. This makes it possible for authenticated attackers, with subscriber-level access and above, to download and read the contents of arbitrary files on the server, which can contain sensitive information. The arbitrary file download was patched in 7.5.1, while the missing authorization was corrected in version 7.6.2. | |||||
| CVE-2024-3783 | 2024-11-21 | N/A | 7.7 HIGH | ||
| The Backup Agents section in WBSAirback 21.02.04 is affected by a Path Traversal vulnerability, allowing a user with low privileges to download files from the system. | |||||
| CVE-2024-3737 | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM | ||
| A vulnerability was found in cym1102 nginxWebUI up to 3.9.9. It has been rated as critical. Affected by this issue is the function findCountByQuery of the file /adminPage/www/addOver. The manipulation of the argument dir leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260576. | |||||
| CVE-2024-3571 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| langchain-ai/langchain is vulnerable to path traversal due to improper limitation of a pathname to a restricted directory ('Path Traversal') in its LocalFileStore functionality. An attacker can leverage this vulnerability to read or write files anywhere on the filesystem, potentially leading to information disclosure or remote code execution. The issue lies in the handling of file paths in the mset and mget methods, where user-supplied input is not adequately sanitized, allowing directory traversal sequences to reach unintended directories. | |||||
| CVE-2024-3484 | 2024-11-21 | N/A | 5.7 MEDIUM | ||
| Path Traversal found in OpenText™ iManager 3.2.6.0200. This can lead to privilege escalation or file disclosure. | |||||
| CVE-2024-3429 | 1 Lollms | 1 Lollms | 2024-11-21 | N/A | 9.8 CRITICAL |
| A path traversal vulnerability exists in the parisneo/lollms application, specifically within the `sanitize_path_from_endpoint` and `sanitize_path` functions in `lollms_core\lollms\security.py`. This vulnerability allows for arbitrary file reading when the application is running on Windows. The issue arises due to insufficient sanitization of user-supplied input, enabling attackers to bypass the path traversal protection mechanisms by crafting malicious input. Successful exploitation could lead to unauthorized access to sensitive files, information disclosure, and potentially a denial of service (DoS) condition by including numerous large or resource-intensive files. This vulnerability affects the latest version prior to 9.6. | |||||
| CVE-2024-3403 | 2024-11-21 | N/A | 7.5 HIGH | ||
| imartinez/privategpt version 0.2.0 is vulnerable to a local file inclusion vulnerability that allows attackers to read arbitrary files from the filesystem. By manipulating file upload functionality to ingest arbitrary local files, attackers can exploit the 'Search in Docs' feature or query the AI to retrieve or disclose the contents of any file on the system. This vulnerability could lead to various impacts, including but not limited to remote code execution by obtaining private SSH keys, unauthorized access to private files, source code disclosure facilitating further attacks, and exposure of configuration files. | |||||