Total
                    2 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v3.1 | 
|---|---|---|---|---|
| CVE-2024-6049 | 1 Lawo | 1 Vsm Ltc Timesync | 2024-11-21 | 7.5 High | 
| The web server of Lawo AG vsm LTC Time Sync (vTimeSync) is affected by a "..." (triple dot) path traversal vulnerability. By sending a specially crafted HTTP request, an unauthenticated remote attacker could download arbitrary files from the operating system. As a limitation, the exploitation is only possible if the requested file has some file extension, e. g. .exe or .txt. | ||||
| CVE-2024-41784 | 1 Ibm | 1 Sterling Secure Proxy | 2024-11-20 | 7.5 High | 
| IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot dot" sequences (/.../) to view arbitrary files on the system. | ||||
                            
                                
                                
                                    Page 1 of 1.