Vulnerabilities > Improper Handling of Case Sensitivity

DATE CVE VULNERABILITY TITLE RISK
2023-11-28 CVE-2023-3545 Improper Handling of Case Sensitivity vulnerability in Chamilo
Improper sanitisation in `main/inc/lib/fileUpload.lib.php` in Chamilo LMS <= v1.11.20 on Windows and Apache installations allows unauthenticated attackers to bypass file upload security protections and obtain remote code execution via uploading of `.htaccess` file.
network
low complexity
chamilo CWE-178
critical
9.8
2023-09-12 CVE-2023-4759 Improper Handling of Case Sensitivity vulnerability in Eclipse Jgit
Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem, or when a checkout from a clone of such a repository is performed on a case-insensitive filesystem. This can happen on checkout (DirCacheCheckout), merge (ResolveMerger via its WorkingTreeUpdater), pull (PullCommand using merge), and when applying a patch (PatchApplier).
network
low complexity
eclipse CWE-178
8.8
2023-04-20 CVE-2022-29604 Improper Handling of Case Sensitivity vulnerability in Opennetworking Onos 2.5.1
An issue was discovered in ONOS 2.5.1.
network
low complexity
opennetworking CWE-178
critical
9.8
2022-04-14 CVE-2022-22968 Improper Handling of Case Sensitivity vulnerability in multiple products
In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path.
network
low complexity
vmware netapp oracle CWE-178
5.3
2022-04-05 CVE-2021-45893 Improper Handling of Case Sensitivity vulnerability in Zauner ARC 4.2.0.4
An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4.
network
low complexity
zauner CWE-178
7.5
2022-01-17 CVE-2021-25036 Improper Handling of Case Sensitivity vulnerability in Aioseo ALL in ONE SEO
The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue, which was discovered during an internal audit by the Jetpack Scan team, and may grant bad actors access to protected REST API endpoints they shouldn’t have access to.
network
low complexity
aioseo CWE-178
8.8
2021-12-15 CVE-2021-0973 Improper Handling of Case Sensitivity vulnerability in Google Android 12.0
In isFileUri of UriUtil.java, there is a possible way to bypass ignoring file://URI attachment due to improper handling of case sensitivity.
local
low complexity
google CWE-178
5.0
2021-08-31 CVE-2021-39134 Improper Handling of Case Sensitivity vulnerability in multiple products
`@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder.
local
low complexity
npmjs oracle siemens CWE-178
7.8
2021-03-22 CVE-2021-25920 Improper Handling of Case Sensitivity vulnerability in Open-Emr Openemr
In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the victim user.
network
low complexity
open-emr CWE-178
6.5
2020-10-02 CVE-2020-15234 Improper Handling of Case Sensitivity vulnerability in ORY Fosite
ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go.
network
low complexity
ory CWE-178
4.8