CVE-2023-46784

HIGH Year: 2023
CVSS v3 Score
8.2
High
Weakness Type
CWE-22
View all →

Vulnerability Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Server-Side Request Forgery (SSRF) vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Absolute Path Traversal, : Server Side Request Forgery.This issue affects ICS Calendar: from n/a through 10.12.0.3.

Related Vulnerabilities

CVE-2017-2627

HIGH
CVSS:8.2(High)

A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. I...

CWE-222017

CVE-2018-1000863

HIGH
CVSS:8.2(High)

A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improp...

CWE-222018

CVE-2019-10185

HIGH
CVSS:8.2(High)

It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary ...

CWE-222019

CVE-2019-11608

HIGH
CVSS:8.2(High)

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/renamefile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive informatio...

CWE-222019

CVE-2019-11609

HIGH
CVSS:8.2(High)

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/movefile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information ...

CWE-222019

CVE-2021-27278

HIGH
CVSS:8.2(High)

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code ...

CWE-222021