Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
relative vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2001-0573
lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory.
Ibm Aix 4
641
VMScore
CVE-2018-15782
The Quick Setup component of RSA Authentication Manager versions before 8.4 is vulnerable to a relative path traversal vulnerability. A local attacker could potentially provide an administrator with a crafted license that if used during the quick setup deployment of the initial R...
Rsa Authentication Manager
NA
CVE-2013-6499
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
935
VMScore
CVE-2016-3376
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "W...
Microsoft Windows 10 -
Microsoft Windows 10 1511
Microsoft Windows 10 1607
Microsoft Windows 10 1703
Microsoft Windows 7 -
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Vista -
1 EDB exploit
445
VMScore
CVE-2020-7211
tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.
Libslirp Project Libslirp 4.1.0
Qemu Qemu 4.2.0
505
VMScore
CVE-2001-0467
Directory traversal vulnerability in RobTex Viking Web server prior to 1.07-381 allows remote malicious users to read arbitrary files via a \... (modified dot dot) in an HTTP URL request.
Robtex Viking Server
1 EDB exploit
445
VMScore
CVE-2007-2027
Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog (.po file) in a "../po" directory, which can be leveraged to conduct ...
Elinks Elinks 0.11.1
1 EDB exploit
445
VMScore
CVE-2017-5188
The bs_worker code in open build service prior to 20170320 followed relative symlinks, allowing reading of files outside of the package source directory during build, allowing leakage of private information.
Opensuse Open Build Service
NA
CVE-2021-22281
: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 up to and including 4.12.
Br-automation Automation Studio
446
VMScore
CVE-2020-7666
This affects all versions of package github.com/u-root/u-root/pkg/cpio. It is vulnerable to leading, non-leading relative path traversal attacks and symlink based (relative and absolute) path traversal attacks in cpio file extraction.
U-root U-root
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »