Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
relative vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-27515
url-parse prior to 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.
Url-parse Project Url-parse
5
CVSSv2
CVE-2021-27516
URI.js (aka urijs) prior to 1.19.6 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.
Uri.js Project Uri.js
4.6
CVSSv2
CVE-2000-0663
The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relat...
Microsoft Windows 2000
Microsoft Windows Nt 4.0
NA
CVE-2021-38399
Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized files and directories.
Honeywell C200 Firmware -
Honeywell C200e Firmware -
Honeywell C300 Firmware -
Honeywell Application Control Environment Firmware -
5
CVSSv2
CVE-2021-33587
The css-what package 4.0.0 up to and including 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input.
Css-what Project Css-what 4.0.0
Css-what Project Css-what 5.0.0
Netapp E-series Performance Analyzer -
NA
CVE-2018-25046
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
Cloudfoundry Archiver
NA
CVE-2022-2922
Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform before 9.11.0.
Dnnsoftware Dotnetnuke
NA
CVE-2023-4914
Relative Path Traversal in GitHub repository cecilapp/cecil before 7.47.1.
Cecil Cecil
NA
CVE-2023-2356
Relative Path Traversal in GitHub repository mlflow/mlflow before 2.3.1.
Lfprojects Mlflow
6.8
CVSSv2
CVE-2020-24742
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing malicious users to execute arbitrary code via crafted files.
Qt Qt
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »