| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2019-0182 |
1 Intel |
2 Open Cloud Integrity Tehnology, Openattestation |
2019-06-14 |
2.1 |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. |
| CVE-2011-5325 |
1 Busybox |
1 Busybox |
2019-06-13 |
5.0 |
| Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink. |
| CVE-2019-12137 |
1 Typora |
1 Typora |
2019-06-13 |
6.8 |
| Typora 0.9.9.24.6 on macOS allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note. |
| CVE-2017-7675 |
1 Apache |
1 Tomcat |
2019-06-12 |
5.0 |
| The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that prevented directory traversal attacks. It was therefore possible to bypass security constraints using a specially crafted URL. |
| CVE-2019-12144 |
1 Ipswitch |
1 Ws Ftp Server |
2019-06-12 |
7.5 |
| An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote... |
| CVE-2019-12146 |
1 Ipswitch |
1 Ws Ftp Server |
2019-06-12 |
6.4 |
| A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and... |
| CVE-2019-12145 |
1 Ipswitch |
1 Ws Ftp Server |
2019-06-12 |
5.0 |
| A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system. |
| CVE-2019-12143 |
1 Ipswitch |
1 Ws Ftp Server |
2019-06-12 |
5.0 |
| A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose WS_FTP usernames as well as filenames. |
| CVE-2019-9723 |
|
|
2019-06-11 |
5.5 |
| LogicalDOC Community Edition 8.x before 8.2.1 has a path traversal vulnerability that allows reading arbitrary files and the creation of directories, in the class PluginRegistry. |
| CVE-2019-12477 |
1 Supra |
1 Stv-lc40lt0020f Firmware |
2019-06-11 |
2.1 |
| Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri= URI. |
| CVE-2019-8320 |
1 Rubygems |
1 Rubygems |
2019-06-11 |
8.8 |
| A Directory Traversal issue was discovered in RubyGems 2.7.6 and later through 3.0.2. Before making new directories or touching files (which now include path-checking code for symlinks), it would delete the target destination. If that destination... |
| CVE-2018-13379 |
1 Fortinet |
1 Fortios |
2019-06-10 |
5.0 |
| An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP... |
| CVE-2019-12276 |
1 Grandnode |
1 Grandnode |
2019-06-07 |
5.0 |
| A Path Traversal vulnerability in Controllers/LetsEncryptController.cs in LetsEncryptController in GrandNode 4.40 allows remote, unauthenticated attackers to retrieve arbitrary files on the web server via specially crafted... |
| CVE-2019-8385 |
|
|
2019-06-06 |
7.5 |
| An issue was discovered in Thomson Reuters Desktop Extensions 1.9.0.358. An unauthenticated directory traversal and local file inclusion vulnerability in the ThomsonReuters.Desktop.Service.exe and ThomsonReuters.Desktop.exe allows a remote... |
| CVE-2019-10009 |
1 Southrivertech |
1 Titan Ftp Server |
2019-06-06 |
4.0 |
| A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be... |
| CVE-2019-5356 |
1 Hp |
1 Intelligent Management Center |
2019-06-06 |
10.0 |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. |
| CVE-2019-6754 |
1 Foxitsoftware |
2 Foxit Reader, Phantompdf |
2019-06-05 |
6.8 |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a... |
| CVE-2019-12593 |
1 Icewarp |
1 Mail Server |
2019-06-04 |
5.0 |
| IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal. |
| CVE-2019-12310 |
1 Exagrid |
1 Backup Appliance Firmware |
2019-06-04 |
5.0 |
| ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monitor/data/Upgrade/ directory traversal vulnerability, which allows remote attackers to view and retrieve verbose logging information. Files within this directory were observed to... |
| CVE-2018-16874 |
2 Golang, Opensuse |
2 Go, Leap |
2019-06-03 |
6.8 |
| In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is... |
