Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9141 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-3378 | 2 Redhat, Rpm | 5 Enterprise Linux, Rhel Els, Rhel Eus and 2 more | 2025-04-11 | N/A |
| RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c. | ||||
| CVE-2012-5931 | 1 Microfocus | 1 Privileged User Manager | 2025-04-11 | N/A |
| Directory traversal vulnerability in the set_log_config function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname. | ||||
| CVE-2012-5969 | 1 Huawei | 2 E585, E585u-82 | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities on the Huawei E585 device allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the PATH_INFO of an sdcard/ request or (2) modify arbitrary files via a .. (dot dot) in the req_page parameter to en/sms.cgi. | ||||
| CVE-2012-5978 | 1 Vmware | 1 View | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2012-3865 | 3 Cloudforms Cloudengine, Puppet, Puppetlabs | 4 1, Puppet, Puppet Enterprise and 1 more | 2025-04-11 | N/A |
| Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a node name. | ||||
| CVE-2012-6038 | 1 Razorcms | 1 Razorcms | 2025-04-11 | N/A |
| admin/core/admin_func.php in razorCMS before 1.2.1 does not properly restrict access to certain administrator directories and files, which allows remote authenticated users to read, edit, rename, move, copy and delete files via the (1) dir parameter in a fileman or (2) filemanview action. NOTE: this issue has been referred to as a "path traversal." | ||||
| CVE-2012-6064 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-11 | N/A |
| Directory traversal vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) before 1.11.2.1 allows remote authenticated administrators to delete arbitrary files via a .. (dot dot) in the deld parameter. NOTE: this can be leveraged using CSRF (CVE-2012-5450) to allow remote attackers to delete arbitrary files. | ||||
| CVE-2012-6080 | 1 Moinmo | 1 Moinmoin | 2025-04-11 | N/A |
| Directory traversal vulnerability in the _do_attachment_move function in the AttachFile action (action/AttachFile.py) in MoinMoin 1.9.3 through 1.9.5 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a file name. | ||||
| CVE-2013-0262 | 2 Rack Project, Redhat | 2 Rack, Openshift | 2025-04-11 | N/A |
| rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before 1.4.5 allows attackers to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that is remotely exploitable, aka "symlink path traversals." | ||||
| CVE-2011-2780 | 1 Chyrp | 1 Chyrp | 2025-04-11 | N/A |
| Directory traversal vulnerability in includes/lib/gz.php in Chyrp 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, a different vulnerability than CVE-2011-2744. | ||||
| CVE-2013-0332 | 1 Zoneminder | 1 Zoneminder | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) view, (2) request, or (3) action parameter. | ||||
| CVE-2013-1156 | 1 Cisco | 1 Prime Central For Hosted Collaboration Solution | 2025-04-11 | N/A |
| Directory traversal vulnerability in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCud51034. | ||||
| CVE-2012-4596 | 1 Mcafee | 1 Email Gateway | 2025-04-11 | N/A |
| Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 allows remote authenticated users to bypass intended access restrictions and download arbitrary files via a crafted URL. | ||||
| CVE-2012-4616 | 1 Emc | 1 Data Protection Advisor | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Web UI in EMC Data Protection Advisor (DPA) 5.6 through SP1, 5.7 through SP1, and 5.8 through SP4 allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2013-1167 | 1 Cisco | 9 Asr 1001, Asr 1002, Asr 1002-x and 6 more | 2025-04-11 | N/A |
| Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers (ASR), when bridge domain interface (BDI) is enabled, allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation, aka Bug ID CSCtt11558. | ||||
| CVE-2011-2653 | 1 Novell | 1 Zenworks Asset Management | 2025-04-11 | N/A |
| Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file. | ||||
| CVE-2012-2968 | 1 Caucho | 1 Resin | 2025-04-11 | N/A |
| Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. (dot dot) in a pathname within an HTTP request. | ||||
| CVE-2011-4712 | 1 Monoxide0184 | 1 Oxide Webserver | 2025-04-11 | N/A |
| Directory traversal vulnerability in Oxide WebServer allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in an HTTP request. | ||||
| CVE-2011-4713 | 1 Oscss | 1 Oscss | 2025-04-11 | N/A |
| Directory traversal vulnerability in catalog/content.php in osCSS2 2.1.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the _ID parameter to (1) catalog/shopping_cart.php or (2) catalog/content.php. | ||||
| CVE-2011-4714 | 1 Vvertex | 1 Muster | 2025-04-11 | N/A |
| Directory traversal vulnerability in Virtual Vertex Muster before 6.20 allows remote attackers to read arbitrary files via a \.. (backslash dot dot) in the URL. | ||||