Vulnerabilities > Improper Handling of Case Sensitivity

DATE CVE VULNERABILITY TITLE RISK
2024-01-19 CVE-2024-23331 Improper Handling of Case Sensitivity vulnerability in Vitejs Vite
Vite is a frontend tooling framework for javascript.
network
low complexity
vitejs CWE-178
7.5
2023-11-28 CVE-2023-3545 Improper Handling of Case Sensitivity vulnerability in Chamilo 1.11.0/1.11.14
Improper sanitisation in `main/inc/lib/fileUpload.lib.php` in Chamilo LMS <= v1.11.20 on Windows and Apache installations allows unauthenticated attackers to bypass file upload security protections and obtain remote code execution via uploading of `.htaccess` file.
network
low complexity
chamilo CWE-178
critical
9.8
2023-09-12 CVE-2023-4759 Improper Handling of Case Sensitivity vulnerability in Eclipse Jgit
Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem, or when a checkout from a clone of such a repository is performed on a case-insensitive filesystem. This can happen on checkout (DirCacheCheckout), merge (ResolveMerger via its WorkingTreeUpdater), pull (PullCommand using merge), and when applying a patch (PatchApplier).
network
low complexity
eclipse CWE-178
8.8
2023-04-20 CVE-2022-29604 Improper Handling of Case Sensitivity vulnerability in Opennetworking Onos 2.5.1
An issue was discovered in ONOS 2.5.1.
network
low complexity
opennetworking CWE-178
critical
9.8
2022-04-14 CVE-2022-22968 Improper Handling of Case Sensitivity vulnerability in multiple products
In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path.
network
low complexity
vmware netapp oracle CWE-178
5.3
2022-04-05 CVE-2021-45893 Improper Handling of Case Sensitivity vulnerability in Zauner ARC 4.2.0.4
An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4.
network
zauner CWE-178
4.3
2022-01-17 CVE-2021-25036 Improper Handling of Case Sensitivity vulnerability in Aioseo ALL in ONE SEO
The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue, which was discovered during an internal audit by the Jetpack Scan team, and may grant bad actors access to protected REST API endpoints they shouldn’t have access to.
network
low complexity
aioseo CWE-178
8.8
2021-12-15 CVE-2021-0973 Improper Handling of Case Sensitivity vulnerability in Google Android 12.0
In isFileUri of UriUtil.java, there is a possible way to bypass ignoring file://URI attachment due to improper handling of case sensitivity.
local
google CWE-178
1.9
2021-08-31 CVE-2021-39134 Improper Handling of Case Sensitivity vulnerability in multiple products
`@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder.
local
low complexity
npmjs oracle siemens CWE-178
7.8
2021-06-14 CVE-2021-24347 Improper Handling of Case Sensitivity vulnerability in Smartypantsplugins SP Project & Document Manager
The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension.
network
low complexity
smartypantsplugins CWE-178
8.8