Vulnerabilities > Improper Handling of Case Sensitivity
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-28 | CVE-2023-3545 | Improper Handling of Case Sensitivity vulnerability in Chamilo Improper sanitisation in `main/inc/lib/fileUpload.lib.php` in Chamilo LMS <= v1.11.20 on Windows and Apache installations allows unauthenticated attackers to bypass file upload security protections and obtain remote code execution via uploading of `.htaccess` file. | 9.8 |
2023-09-12 | CVE-2023-4759 | Improper Handling of Case Sensitivity vulnerability in Eclipse Jgit Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem, or when a checkout from a clone of such a repository is performed on a case-insensitive filesystem. This can happen on checkout (DirCacheCheckout), merge (ResolveMerger via its WorkingTreeUpdater), pull (PullCommand using merge), and when applying a patch (PatchApplier). | 8.8 |
2023-04-20 | CVE-2022-29604 | Improper Handling of Case Sensitivity vulnerability in Opennetworking Onos 2.5.1 An issue was discovered in ONOS 2.5.1. | 9.8 |
2022-04-14 | CVE-2022-22968 | Improper Handling of Case Sensitivity vulnerability in multiple products In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path. | 5.3 |
2022-04-05 | CVE-2021-45893 | Improper Handling of Case Sensitivity vulnerability in Zauner ARC 4.2.0.4 An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. | 7.5 |
2022-01-17 | CVE-2021-25036 | Improper Handling of Case Sensitivity vulnerability in Aioseo ALL in ONE SEO The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue, which was discovered during an internal audit by the Jetpack Scan team, and may grant bad actors access to protected REST API endpoints they shouldn’t have access to. | 8.8 |
2021-12-15 | CVE-2021-0973 | Improper Handling of Case Sensitivity vulnerability in Google Android 12.0 In isFileUri of UriUtil.java, there is a possible way to bypass ignoring file://URI attachment due to improper handling of case sensitivity. | 5.0 |
2021-08-31 | CVE-2021-39134 | Improper Handling of Case Sensitivity vulnerability in multiple products `@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder. | 7.8 |
2021-03-22 | CVE-2021-25920 | Improper Handling of Case Sensitivity vulnerability in Open-Emr Openemr In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the victim user. | 6.5 |
2020-10-02 | CVE-2020-15234 | Improper Handling of Case Sensitivity vulnerability in ORY Fosite ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go. | 4.8 |