Total
8034 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-6607 | 1 Augeas | 1 Augeas | 2025-04-11 | N/A |
| The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786. | ||||
| CVE-2013-0141 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-11 | N/A |
| Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to upload arbitrary files via a crafted request over the Agent-Server communication channel, as demonstrated by writing to the Software/ directory. | ||||
| CVE-2013-0332 | 1 Zoneminder | 1 Zoneminder | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) view, (2) request, or (3) action parameter. | ||||
| CVE-2013-0544 | 2 Ibm, Linux | 2 Websphere Application Server, Linux Kernel | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Linux and UNIX allows remote authenticated users to modify data via unspecified vectors. | ||||
| CVE-2013-0671 | 1 Siemens | 1 Wincc Tia Portal | 2025-04-11 | N/A |
| Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL. | ||||
| CVE-2013-0673 | 1 Matrikonopc | 1 Matrikonopc A\&e Historian | 2025-04-11 | N/A |
| Directory traversal vulnerability in the web interface in the Health Monitor service in MatrikonOPC A&E Historian 1.0.0.0 allows remote attackers to read and delete arbitrary files via a crafted URL. | ||||
| CVE-2013-0705 | 1 Lsi | 1 3ware Disk Manager | 2025-04-11 | N/A |
| Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) before 2 allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2013-0831 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| Directory traversal vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to have an unspecified impact by leveraging access to an extension process. | ||||
| CVE-2013-0911 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Directory traversal vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to have an unspecified impact via vectors related to databases. | ||||
| CVE-2013-1167 | 1 Cisco | 9 Asr 1001, Asr 1002, Asr 1002-x and 6 more | 2025-04-11 | N/A |
| Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers (ASR), when bridge domain interface (BDI) is enabled, allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation, aka Bug ID CSCtt11558. | ||||
| CVE-2013-1224 | 1 Cisco | 1 Unified Customer Voice Portal | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (1) HTTP or (2) HTTPS request that triggers incorrect parameter validation, aka Bug ID CSCub38369. | ||||
| CVE-2013-1469 | 1 Piwigo | 1 Piwigo | 2025-04-11 | N/A |
| Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the dl parameter. | ||||
| CVE-2013-1608 | 1 Symantec | 1 Netbackup Appliance | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Management Console on the Symantec NetBackup (NBU) appliance 2.0.x allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2013-1645 | 1 Open-xchange | 1 Open-xchange Server | 2025-04-11 | N/A |
| Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the publication template path. | ||||
| CVE-2013-1904 | 1 Roundcube | 1 Webmail | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail before 0.7.3 and 0.8.x before 0.8.6 allows remote attackers to read arbitrary files via a full pathname in the _value parameter for the generic_message_footer setting in a save-perf action to index.php, as exploited in the wild in March 2013. | ||||
| CVE-2013-2560 | 1 Foscam | 1 Fi8919w | 2025-04-11 | N/A |
| Directory traversal vulnerability in the web interface on Foscam devices with firmware before 11.37.2.49 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by discovering (1) web credentials or (2) Wi-Fi credentials. | ||||
| CVE-2013-2978 | 1 Ibm | 1 Cognos Business Intelligence | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2988. | ||||
| CVE-2013-2981 | 1 Ibm | 1 Data Studio | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2013-2984 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-04-11 | N/A |
| Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote authenticated users to read or modify files via unspecified vectors. | ||||
| CVE-2013-3240 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type. | ||||