CVE-2013-5011

HIGH Year: 2013
CVSS v2 Score
7.2
High
Weakness Type
CWE-22
View all →

Vulnerability Description

Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory.

Related Vulnerabilities

CVE-2017-12815

CRITICAL
CVSS:10.0(Critical)

Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed that it is vulnerable to a path traversal vulnerability. The archive can be downloaded from a given Bomgar ...

CWE-222017

CVE-2019-18253

CRITICAL
CVSS:10.0(Critical)

An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside the...

CWE-222019

CVE-2020-29495

CRITICAL
CVSS:10.0(Critical)

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, le...

CWE-222020

CVE-2022-1992

CRITICAL
CVSS:10.0(Critical)

Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.

CWE-222022

CVE-2023-2909

CRITICAL
CVSS:10.0(Critical)

EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2...

CWE-222023

CVE-2023-6015

CRITICAL
CVSS:10.0(Critical)

MLflow allowed arbitrary files to be PUT onto the server.

CWE-222023