CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0CVE-2023-39402
https://notcve.org/view.php?id=CVE-2023-39402
Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. • https://consumer.huawei.com/en/support/bulletin/2023/8 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-285: Improper Authorization •
CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0CVE-2023-39401
https://notcve.org/view.php?id=CVE-2023-39401
Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. • https://consumer.huawei.com/en/support/bulletin/2023/8 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-285: Improper Authorization •
CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0CVE-2023-39400
https://notcve.org/view.php?id=CVE-2023-39400
Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. • https://consumer.huawei.com/en/support/bulletin/2023/8 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-285: Improper Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24698
https://notcve.org/view.php?id=CVE-2023-24698
Insufficient parameter validation in the Foswiki::Sandbox component of Foswiki v2.1.7 and below allows attackers to perform a directory traversal via supplying a crafted web request. • https://foswiki.org/Support/SecurityAlert-CVE-2023-24698 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37896 – Nuclei Path Traversal vulnerability
https://notcve.org/view.php?id=CVE-2023-37896
The problem was related to sanitization issues with payload loading in sandbox mode. There was a potential risk with payloads loading in sandbox mode. ... The maintainers have also enabled sandbox by default for filesystem loading. ... Existía un riesgo potencial con la carga de payloads en modo sandbox. ... Los mantenedores también han habilitado sandbox por defecto para la carga del sistema de archivos. • https://github.com/projectdiscovery/nuclei/pull/3927 https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9 https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •