Total
7342 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-9339 | 1 Macgregor | 2 Interschalt Vdr G4e, Interschalt Vdr G4e Firmware | 2025-04-20 | 5.3 Medium |
| An issue was discovered in INTERSCHALT Maritime Systems VDR G4e Versions 5.220 and prior. External input is used to construct paths to files and directories without properly neutralizing special elements within the pathname that could allow an attacker to read files on the system, a Path Traversal. | ||||
| CVE-2016-9351 | 1 Advantech | 1 Susiaccess | 2025-04-20 | N/A |
| An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. The directory traversal/file upload error allows an attacker to upload and unpack a zip file. | ||||
| CVE-2016-9357 | 1 Eaton | 10 Eamaxx Series Epdu, Eamaxx Series Epdu Firmware, Eamxxx Series Epdu and 7 more | 2025-04-20 | N/A |
| An issue was discovered in certain legacy Eaton ePDUs -- the affected products are past end-of-life (EoL) and no longer supported: EAMxxx prior to June 30, 2015, EMAxxx prior to January 31, 2014, EAMAxx prior to January 31, 2014, EMAAxx prior to January 31, 2014, and ESWAxx prior to January 31, 2014. An unauthenticated attacker may be able to access configuration files with a specially crafted URL (Path Traversal). | ||||
| CVE-2016-9364 | 1 Fidelex | 4 Fx-2030a-basic Controller, Fx-2030a-basic Firmware, Fx-2030a Controller and 1 more | 2025-04-20 | N/A |
| An issue was discovered in Fidelix FX-20 series controllers, versions prior to 11.50.19. Arbitrary file reading via path traversal allows an attacker to access arbitrary files and directories on the server. | ||||
| CVE-2016-8913 | 1 Ibm | 1 Kenexa Lms On Cloud | 2025-04-20 | N/A |
| IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. | ||||
| CVE-2016-8933 | 1 Ibm | 1 Kenexa Lms | 2025-04-20 | N/A |
| IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences (/../) to view arbitrary files on the system. | ||||
| CVE-2016-9164 | 1 Ca | 1 Unified Infrastructure Management | 2025-04-20 | N/A |
| Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2016-8593 | 1 Trendmicro | 1 Threat Discovery Appliance | 2025-04-20 | N/A |
| Directory traversal vulnerability in upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via a .. (dot dot) in the dID parameter. | ||||
| CVE-2016-7802 | 1 Cybozu | 1 Garoon | 2025-04-20 | N/A |
| Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2016-7825 | 1 Buffalotech | 2 Wnc01wh, Wnc01wh Firmware | 2025-04-20 | N/A |
| Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands. | ||||
| CVE-2016-7826 | 1 Buffalotech | 2 Wnc01wh, Wnc01wh Firmware | 2025-04-20 | N/A |
| Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests. | ||||
| CVE-2016-7842 | 1 Hibara | 1 Attachecase | 2025-04-20 | N/A |
| Directory traversal vulnerability in AttacheCase 2.8.2.8 and earlier and 3.2.0.4 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file. | ||||
| CVE-2016-7843 | 1 Hibara Software | 3 Attachecase For Java, Attachecase Lite, Attachecase Pro | 2025-04-20 | N/A |
| Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file. | ||||
| CVE-2016-7982 | 1 Spip | 1 Spip | 2025-04-20 | N/A |
| Directory traversal vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to enumerate the files on the system via the var_url parameter in a valider_xml action. | ||||
| CVE-2016-8204 | 1 Broadcom | 1 Brocade Network Advisor | 2025-04-20 | 9.8 Critical |
| A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed. | ||||
| CVE-2016-8205 | 1 Brocade | 1 Network Advisor | 2025-04-20 | N/A |
| A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed. | ||||
| CVE-2016-8206 | 1 Brocade | 1 Network Advisor | 2025-04-20 | N/A |
| A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files. | ||||
| CVE-2016-8207 | 1 Brocade | 1 Network Advisor | 2025-04-20 | N/A |
| A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information. | ||||
| CVE-2016-8211 | 1 Dell | 1 Emc Data Protection Advisor | 2025-04-20 | 7.5 High |
| EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the affected system. | ||||
| CVE-2016-6795 | 1 Apache | 1 Struts | 2025-04-20 | N/A |
| In the Convention plugin in Apache Struts 2.3.x before 2.3.31, and 2.5.x before 2.5.5, it is possible to prepare a special URL which will be used for path traversal and execution of arbitrary code on server side. | ||||