Total
8688 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-5182 | 1 Mudler | 1 Localai | 2024-11-21 | 9.1 Critical |
| A path traversal vulnerability exists in mudler/localai version 2.14.0, where an attacker can exploit the `model` parameter during the model deletion process to delete arbitrary files. Specifically, by crafting a request with a manipulated `model` parameter, an attacker can traverse the directory structure and target files outside of the intended directory, leading to the deletion of sensitive data. This vulnerability is due to insufficient input validation and sanitization of the `model` parameter. | ||||
| CVE-2024-5019 | 1 Progress | 1 Whatsup Gold | 2024-11-21 | 5.3 Medium |
| In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Arbitrary File Read issue exists in Wug.UI.Areas.Wug.Controllers.SessionController.CachedCSS. This vulnerability allows reading of any file with iisapppool\NmConsole privileges. | ||||
| CVE-2024-5018 | 1 Progress | 1 Whatsup Gold | 2024-11-21 | 5.3 Medium |
| In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Path Traversal vulnerability exists Wug.UI.Areas.Wug.Controllers.SessionController.LoadNMScript. This allows allows reading of any file from the applications web-root directory . | ||||
| CVE-2024-51756 | 2024-11-21 | N/A | ||
| The cap-std project is organized around the eponymous `cap-std` crate, and develops libraries to make it easy to write capability-based code. cap-std's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits, such as "COM¹", "COM²", "LPT⁰", "LPT¹", and so on. Untrusted filesystem paths could bypass the sandbox and access devices through those special device filenames with superscript digits, and through them provide access peripheral devices connected to the computer, or network resources mapped to those devices. This can include modems, printers, network printers, and any other device connected to a serial or parallel port, including emulated USB serial ports. The bug is fixed in #371, which is published in cap-primitives 3.4.1, cap-std 3.4.1, and cap-async-std 3.4.1. There are no known workarounds for this issue. Affected Windows users are recommended to upgrade. | ||||
| CVE-2024-51127 | 1 Redhat | 2 Hornetq, Jboss Enterprise Application Platform | 2024-11-21 | 9.1 Critical |
| An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information. | ||||
| CVE-2024-4956 | 1 Sonatype | 1 Nexus Repository Manager | 2024-11-21 | 7.5 High |
| Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1. | ||||
| CVE-2024-4881 | 1 Lollms | 1 Lollms | 2024-11-21 | 7.5 High |
| A path traversal vulnerability exists in the parisneo/lollms application, affecting version 9.4.0 and potentially earlier versions, but fixed in version 5.9.0. The vulnerability arises due to improper validation of file paths between Windows and Linux environments, allowing attackers to traverse beyond the intended directory and read any file on the Windows system. Specifically, the application fails to adequately sanitize file paths containing backslashes (`\`), which can be exploited to access the root directory and read, or even delete, sensitive files. This issue was discovered in the context of the `/user_infos` endpoint, where a crafted request using backslashes to reference a file (e.g., `\windows\win.ini`) could result in unauthorized file access. The impact of this vulnerability includes the potential for attackers to access sensitive information such as environment variables, database files, and configuration files, which could lead to further compromise of the system. | ||||
| CVE-2024-4701 | 2024-11-21 | 9.9 Critical | ||
| A path traversal issue potentially leading to remote code execution in Genie for all versions prior to 4.3.18 | ||||
| CVE-2024-4576 | 1 Tibco | 1 Ebx | 2024-11-21 | 5.3 Medium |
| The component listed above contains a vulnerability that allows an attacker to traverse directories and access sensitive files, leading to unauthorized disclosure of system configuration and potentially sensitive information. | ||||
| CVE-2024-4320 | 1 Lollms | 1 Lollms Web Ui | 2024-11-21 | 9.8 Critical |
| A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the parisneo/lollms-webui application, specifically within the `@router.post("/install_extension")` route handler. The vulnerability arises due to improper handling of the `name` parameter in the `ExtensionBuilder().build_extension()` method, which allows for local file inclusion (LFI) leading to arbitrary code execution. An attacker can exploit this vulnerability by crafting a malicious `name` parameter that causes the server to load and execute a `__init__.py` file from an arbitrary location, such as the upload directory for discussions. This vulnerability affects the latest version of parisneo/lollms-webui and can lead to remote code execution without requiring user interaction, especially when the application is exposed to an external endpoint or operated in headless mode. | ||||
| CVE-2024-47191 | 2 Nongnu, Redhat | 2 Oath Toolkit, Ceph Storage | 2024-11-21 | 7.1 High |
| pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because, in the context of PAM code running as root, it mishandles usersfile access, such as by calling fchown in the presence of a symlink. | ||||
| CVE-2024-44625 | 1 Gogs | 1 Gogs | 2024-11-21 | 8.8 High |
| Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go. | ||||
| CVE-2024-42007 | 1 Noisebynorthwest | 1 Php-spx | 2024-11-21 | 5.8 Medium |
| SPX (aka php-spx) through 0.4.15 allows SPX_UI_URI Directory Traversal to read arbitrary files. | ||||
| CVE-2024-41704 | 2 Danny-avila, Librechat | 2 Libre Chat, Librechat | 2024-11-21 | 9.1 Critical |
| LibreChat through 0.7.4-rc1 does not validate the normalized pathnames of images. | ||||
| CVE-2024-41695 | 2024-11-21 | 7.5 High | ||
| Cybonet - CWE-22: Improper Limitation of a Pathname to a Restricted Directory | ||||
| CVE-2024-41628 | 1 Severalnines | 1 Clustercontrol | 2024-11-21 | 7.5 High |
| Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API. | ||||
| CVE-2024-40617 | 1 Fujitsu | 2 Network Edgiot Gw1500, Network Edgiot Gw1500 Firmware | 2024-11-21 | 6.5 Medium |
| Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a remote authenticated attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result, Administrator Class privileges of the product may be hijacked. | ||||
| CVE-2024-40550 | 1 Publiccms | 1 Publiccms | 2024-11-21 | 8.8 High |
| An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of Public CMS v.4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | ||||
| CVE-2024-40524 | 1 Yuque | 1 Xmind2testcase | 2024-11-21 | 9.8 Critical |
| Directory Traversal vulnerability in xmind2testcase v.1.5 allows a remote attacker to execute arbitrary code via the webtool\application.py component. | ||||
| CVE-2024-40051 | 1 Ip-guard | 1 Ip-guard | 2024-11-21 | 7.5 High |
| IP Guard v4.81.0307.0 was discovered to contain an arbitrary file read vulnerability via the file name parameter. | ||||