Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
relative vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-28675
An issue exists in Pillow prior to 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load.
Python Pillow
Fedoraproject Fedora 33
NA
CVE-2024-3084
A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Hire an Ambulance Page. The manipulation of the argument Patient Name/Relative Name/Relative Phone Number/C...
7.5
CVSSv2
CVE-2019-17670
WordPress prior to 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8.5
CVSSv2
CVE-2020-5803
Relative Path Traversal in Marvell QConvergeConsole GUI 5.5.0.74 allows a remote, authenticated malicious user to delete arbitrary files on disk as SYSTEM or root.
Marvell Qconvergeconsole 5.5.00.74
NA
CVE-2020-36560
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
Go-unzip Project Go-unzip
NA
CVE-2020-36561
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
Unzip Project Unzip
NA
CVE-2020-36566
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
Tar-utils Project Tar-utils
NA
CVE-2023-34117
Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access.
Zoom Zoom Software Development Kit
6.5
CVSSv2
CVE-2019-11826
Relative path traversal vulnerability in SYNO.PhotoTeam.Upload.Item in Synology Moments prior to 1.3.0-0691 allows remote authenticated users to upload arbitrary files via the name parameter.
Synology Moments
7.5
CVSSv2
CVE-2020-25172
A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and previous versions allows unauthenticated malicious users to upload or download arbitrary files.
Bbraun Onlinesuite Application Package
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »