Total
5824 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5969 | 1 Huawei | 2 E585, E585u-82 | 2023-12-10 | 4.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities on the Huawei E585 device allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the PATH_INFO of an sdcard/ request or (2) modify arbitrary files via a .. (dot dot) in the req_page parameter to en/sms.cgi. | |||||
| CVE-2012-5171 | 1 Be-graph | 1 Bezip | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Be Graph BeZIP before 3.10 allows remote attackers to create or overwrite arbitrary files via a crafted archive file. | |||||
| CVE-2013-4093 | 1 Imperva | 1 Securesphere | 2023-12-10 | 5.0 MEDIUM | N/A |
| The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote attackers to obtain sensitive information via (1) a direct request to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, which reveals the installation path in the s0.filePath field, or (2) a T/keyManagement request to plain/settings.html, which reveals a temporary path in an error message. | |||||
| CVE-2013-3541 | 1 Ovislink | 1 Airlive Wl2600cam | 2023-12-10 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in cgi-bin/admin/fileread in AirLive WL2600CAM and possibly other camera models allows remote attackers to read arbitrary files via a .. (dot dot) in the READ.filePath parameter. | |||||
| CVE-2012-6324 | 1 Vmware | 1 Vcenter Server Appliance | 2023-12-10 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vectors. | |||||
| CVE-2013-6177 | 1 Emc | 1 Document Sciences Xpression | 2023-12-10 | 3.5 LOW | N/A |
| Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allows remote authenticated users to read arbitrary files by leveraging xDashboard access. | |||||
| CVE-2013-7174 | 1 Qnap | 1 Qts | 2023-12-10 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS before 4.1.0 allows remote attackers to read arbitrary files via a full pathname in the f parameter. | |||||
| CVE-2013-1627 | 2 Advantech, Indusoft | 2 Advantech Studio, Web Studio | 2023-12-10 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function. | |||||
| CVE-2011-4640 | 1 Spamtitan | 1 Webtitan | 2023-12-10 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the fname parameter in a view action. | |||||
| CVE-2012-2139 | 1 Rubygems | 1 Mail Gem | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the to parameter. | |||||
| CVE-2012-4867 | 1 Vtiger | 1 Vtiger Crm | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in modules/com_vtiger_workflow/sortfieldsjson.php in vtiger CRM 5.1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the module_name parameter. | |||||
| CVE-2013-3626 | 1 Attachmate | 1 Verastream Host Integrator | 2023-12-10 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the Session Server in Attachmate Verastream Host Integrator (VHI) 6.0 through 7.5 SP 1 HF 1 allows remote attackers to upload and execute arbitrary files via a crafted message. | |||||
| CVE-2012-4940 | 1 Gecad | 1 Axigen Free Mail Server | 2023-12-10 | 6.4 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI. | |||||
| CVE-2012-2215 | 1 Novell | 1 Zenworks Configuration Management | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request. | |||||
| CVE-2013-3429 | 1 Cisco | 1 Video Surveillance Manager | 2023-12-10 | 7.8 HIGH | N/A |
| Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 allow remote attackers to read system files via a crafted URL, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37163. | |||||
| CVE-2011-5219 | 1 Mpdf1 | 1 Mpdf | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in examples/show_code.php in mPDF 5.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | |||||
| CVE-2013-1156 | 1 Cisco | 1 Prime Central For Hosted Collaboration Solution | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCud51034. | |||||
| CVE-2012-4957 | 1 Novell | 1 File Reporter | 2023-12-10 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record. | |||||
| CVE-2012-2597 | 1 Siemens | 1 Wincc | 2023-12-10 | 4.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL. | |||||
| CVE-2013-5219 | 1 Hot | 2 Hotbox Router, Hotbox Router Firmware | 2023-12-10 | 3.3 LOW | N/A |
| Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd. | |||||