映射到 CWE-639,CWE-22 的搜索结果 (1976)

CVE-2017-1000026(发布:2017-07-17 09:18:16)N
CVSS5.0

[原文]Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries

CVE-2017-1000002(发布:2017-07-17 09:18:15)N
CVSS7.5

[原文]ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal vulnerability in the Course Icon component resulting in information disclosure.

CVE-2014-7954(发布:2017-07-07 13:29:00)NMCP
CVSS2.1

[CNNVD]Google Android 目录遍历漏洞--Google Android是美国谷歌(Google)公司和开放手持设备联盟(简称OHA)共同开发的一套以Linux为基础的开源操作系统。 Google Android中存在目录遍历漏洞,该漏洞源于程序没有充分过滤用户提交的输入。远程攻击者可借助目录遍历字符‘..&r...

CVE-2015-3297(发布:2017-07-07 12:29:00)NMC
CVSS5.0

[CNNVD]Etherpad Lite’utils/Minify.js‘目录遍历漏洞--Etherpad Lite是Etherpad基金会的一套开源的富文本在线协作软件。 Etherpad Lite中存在目录遍历漏洞。远程攻击者可借助目录遍历字符‘..’利用该漏洞访问或读取包含敏感信息的任意文件,或访问受限制目录外的文件,获取敏感信息。 ...

CVE-2017-10974(发布:2017-07-07 07:29:00)N
CVSS5.0

[原文]Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of an initial /%5C sequence to defeat traversal protection mechanisms; the initial /%5C sequence was apparently not discussed in earlier research on this product.

CVE-2015-7780(发布:2017-06-27 16:29:00)NMS
CVSS4.0

[原文]Directory traversal vulnerability in ManageEngine Firewall Analyzer before 8.0.

首页上一页23456789下一页尾页 第4页 / 共330页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站