Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file::path vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2021-22028
In versions of Greenplum database before 5.28.6 and 6.14.0, greenplum database contains a file path traversal vulnerability leading to information disclosure from the file system. A malicious user can read/write information from the file system using this vulnerability.
Greenplum Greenplum
NA
CVE-2023-24455
Jenkins visualexpert Plugin 1.3 and previous versions does not restrict the names of files in methods implementing form validation, allowing attackers with Item/Configure permission to check for the existence of an attacker-specified file path on the Jenkins controller file syste...
Jenkins Visual Expert 1.0
Jenkins Visual Expert 1.3
NA
CVE-2023-24449
Jenkins PWauth Security Realm Plugin 0.4 and previous versions does not restrict the names of files in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller fil...
Jenkins Pwauth Security Realm
NA
CVE-2022-36904
Jenkins Repository Connector Plugin 2.2.0 and previous versions does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller fi...
Jenkins Repository Connector
NA
CVE-2022-36914
Jenkins Files Found Trigger Plugin 1.5 and previous versions does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file ...
Jenkins Files Found Trigger
NA
CVE-2023-32985
Jenkins Sidebar Link Plugin 2.2.1 and previous versions does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file syste...
Jenkins Sidebar Link
605
VMScore
CVE-2007-0468
Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote malicious users to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file.
Microsoft Visual Studio 6.0
NA
CVE-2022-36890
Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and previous versions does not restrict the name of files in methods implementing form validation, allowing attackers with Item/Read permission to check for the existence of an attacker-specified file path on the Jenkins controll...
Jenkins Deployer Framework
409
VMScore
CVE-2020-9072
Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 have a local privilege escalation vulnerability. An authenticated, local attacker can constructs a specific file path to exploit this vulnerability. Successful exploitation may cause the malicious user to obtain a hig...
Huawei Osd Firmware
NA
CVE-2024-0520
A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to improper neutralization of special elements used in an OS command ('Command Injection') within the `mlflow.data.http_dataset_source.py` module. Specifically, when loading a dataset fr...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »