Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
relative vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2001-0573
lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory.
Ibm Aix 4
NA
CVE-2013-6499
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
9.3
CVSSv2
CVE-2016-3376
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "W...
Microsoft Windows 10 -
Microsoft Windows 10 1511
Microsoft Windows 10 1607
Microsoft Windows 10 1703
Microsoft Windows 7 -
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Vista -
1 EDB exploit
5
CVSSv2
CVE-2001-0467
Directory traversal vulnerability in RobTex Viking Web server prior to 1.07-381 allows remote malicious users to read arbitrary files via a \... (modified dot dot) in an HTTP URL request.
Robtex Viking Server
1 EDB exploit
4.4
CVSSv2
CVE-2007-2027
Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog (.po file) in a "../po" directory, which can be leveraged to conduct ...
Elinks Elinks 0.11.1
1 EDB exploit
5
CVSSv2
CVE-2017-5188
The bs_worker code in open build service prior to 20170320 followed relative symlinks, allowing reading of files outside of the package source directory during build, allowing leakage of private information.
Opensuse Open Build Service
NA
CVE-2021-22281
: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 up to and including 4.12.
Br-automation Automation Studio
5
CVSSv2
CVE-2020-7666
This affects all versions of package github.com/u-root/u-root/pkg/cpio. It is vulnerable to leading, non-leading relative path traversal attacks and symlink based (relative and absolute) path traversal attacks in cpio file extraction.
U-root U-root
5
CVSSv2
CVE-2021-27515
url-parse prior to 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.
Url-parse Project Url-parse
5
CVSSv2
CVE-2021-27516
URI.js (aka urijs) prior to 1.19.6 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.
Uri.js Project Uri.js
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »