How severe is CVE-2024-0849?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2024-0849?

This is classified as CWE-73, which is a common weakness in software security.

CVE-2024-0849

MEDIUM Year: 2024

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-73

View all →

Vulnerability Description

Leanote version 2.7.0 allows obtaining arbitrary local files. This is possible because the application is vulnerable to LFR.

CVE-2025-0202

MEDIUM

CVSS:5.5(Medium)

A vulnerability was found in TCS BaNCS 10. It has been classified as problematic. This affects an unknown part of the file /REPORTS/REPORTS_SHOW_FILE.jsp. The manipulation of the argument FilePath lea...

CWE-732025

CVE-2024-39303

MEDIUM

CVSS:5.4(Medium)

Weblate is a web based localization tool. Prior to version 5.6.2, Weblate didn't correctly validate filenames when restoring project backup. It may be possible to gain unauthorized access to files on ...

CWE-732024

CVE-2025-24054

MEDIUM

CVSS:5.4(Medium)

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

CWE-732025

CVE-2022-2400

MEDIUM

CVSS:5.3(Medium)

External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0.

CWE-732022

CVE-2022-34765

MEDIUM

CVSS:5.3(Medium)

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: ...

CWE-732022

CVE-2022-45213

MEDIUM

CVSS:5.3(Medium)

perfSONAR before 4.4.6 inadvertently supports the parse option for a file:// URL.

CWE-732022

CVE-2024-0849

Vulnerability Description

Related Vulnerabilities

CVE-2025-0202

CVE-2024-39303

CVE-2025-24054

CVE-2022-2400

CVE-2022-34765

CVE-2022-45213